Most Malware Made in China

By Lisa Vaas  |  Posted 2007-09-05 Print this article Print

China can't deny that it's pumping out the most malware on the planet.

China can keep on denying that its Peoples Liberation Army is responsible for infiltrating government networks, but good luck denying that its pumping out the most malware on the planet. Sophos nailed China as the top junk-spewer back in its July 2007 Sophos Threat Report. In the report, Sophos said that China servers are behind 44.8 percent of the worlds malware-infected sites. Thats more than the next three top countries serving junk combined: the United States, at 20.8 percent, Russia with 11.3 percent, and Ukraine, at 7.7 percent. That yearly average isnt actually a reflection of the apex of Chinas malware serving, though. At the end of 2006 the country hosted just over a third of all malware, it then surpassed the United States and in the first six months of 2007 served up more than half of all malware—at least, the threats reported to Sophos.
But as Sophos says, just because Chinese servers are hosting junk doesnt mean the criminals are actually in China.
To read about how China has denied that it hacked into the Pentagons network, click here. "Although a worrying number of Chinese-based Web pages are being found containing malicious code designed to infect Web surfers worldwide, it does not necessarily mean that the criminals behind these attacks are based in the country," Graham Cluley, a senior technology consultant at Sophos, said in a release. "Cyber-crime is a truly global problem and all businesses must ensure they are properly protected." As for why Chinas servers are such accommodating hosts, Sophos credits the widespread rate of Mal/Iframe infections on Chinese hosted sites, with more than 80 percent of the countrys compromised Web pages being stricken with the malware. Google also recently came out with some interesting related news regarding what flavor of server malware senders like to use (or exploit and then use) and why software piracy puts China at the head of the malware game. In its June report, Google cited piracy statistics from NationMaster that estimate piracy rate (the number of pirated software units divided by the total number of units put into use) at 92 percent in China in 2004, and from BSA, which put the figure at 55 percent for 2006. Google also suggested that security patches arent available for such pirated copies of Microsoft IIS, meaning that a larger percentage of Chinese IIS servers are potentially compromised. Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
Lisa Vaas is News Editor/Operations for and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel