NOW READ THIS
("Security Advisory")

Go Back

---

Submitted by: Bill Hickey
NCVA List Master

NRT-0176 Study Finds Most Malicious Code Hosted in the US and UK:

Web security firm Finjan released its first quarter 2007 Web Security Trends Report, which indicats that 90% of Universal Resource Locators (URL's) that contain malicious code are hosted in the United States and the UK, with the US accounting for 80% of the total. In addition, Finjan found that advertising links are the leading category among malicious URLs, representing 80% of all malicious links. Finjan claims that this recent research clearly demonstrates that malicious code is not just an issue of outlaw servers in countries with weak e-crime laws. Finjan notes that traditional location-based reputation heuristics are becoming decreasingly effective against modern attacks. Finjan's research was based on its analysis of more than 10 million URLs based on live web traffic recorded in the UK.

Beyond being primarily hosted in the US and UK, Finjan reports that malicious code is just as likely to be accessed through legitimate web sites, such as those related to finance, travel, or computing, as through what are generally considered disreputable sites that offer adult content or free downloads.

Finjan found that over 80% of the malicious code detected was obfuscated in some fashion, making it virtually invisible to pattern-matching or signature-based detection methods in use by most anti-virus products.

Finjan also pointed to a new trend in the existence of malicious code on web pages served by automatic translation service web sites. Finjan discovered several instances of malicious code on translated web pages. Finjan suggests that hackers are using the translation process to obscure the source of the malicious code behind the otherwise reputable translation service.

(PRNewswire 16MAY07)

Last Modified: Monday, 21-May-2007 20:07:27 EDT