By John E. Dunn
11 May 2006
China has overtaken the US as the major distributor of spy and
malware, the latest trend report from Webroot has claimed.
The company used its "Phileas" malware tracking system to reckon
China's proportion of global spyware as being 42 percent for the first
quarter of 2006, with the US a distant second at 17 percent. This
reverses the figures for Q4 of 2005, where the US was ahead.
If accurate, the figures are a strong indication that 2006 will be the
year that China, as long predicted, overtakes the US as the world=92s
number one malware producer. Last month, Sophos rated China as now
only a fraction behind the US in the bellweather spam production
The Netherlands, France and Spain come next with a combined total of
12.5 percent of malware, but no one country comes close to two main
Other statistics include the news that the cumulative figure for
malware-distribution sites has risen from 400,000 in 2005 to 427,000
in the first quarter of this year.
The report notes that phishing attacks have made a comeback, after a
period of relative stability, something the company attributes to the
easier availability of Trojan source code on the Internet.
Keyloggers are also advancing, with new techniques such as
kernel-level driver designs and rootkits to the fore. More and more of
these programs are setting out to disrupt anti-malware software as
part of their attempt to avoid detection. The average piece of malware
now comes in ten different variants.
Explanations for China's increasing prominence in malware vary. Some
have said that the country is favoured as a relay point for attacks
that originate elsewhere thanks to its lax controls and legislation.
So the statistsics don't necessarily mean that China is the world's
largest producer of malware, only its new distribution hub.
Webroot points to legislation as being the deciding factor.
"One reason for China's hosting growth could be due to impending
anti-spyware legislation in the United States driving spyware writers
to less monitored and regulated countries," the report says.
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.