Web users beware: top ten countries hosting malware on the internet

According to a new report published by security firm Sophos the US hosts the largest number of malicious websites in the world. New cybercrime trends also point to an increase in phishing and DNS attacks on reputed company's websites.

While the worldwide web has been singled out as the main distributor of malware, in a large number of new cases involving malicious sites, fingers are being pointed at sites hosted in the US.

According to Sophos's report, more than 37 percent of malicious web pages are hosted in the United States. The quantities of malicious websites in Russia and China pale in comparison to the number in the US with only 12.8 and 11.2 percent respectively.

China is often named as the main culprit when it comes to malware attacks but since 2007 the number of malicious pages hosted in the country have dropped off from 51.4 percent in 2007 to just 11.2 percent in 2009.

Cybercriminals are also beginning to change their tactics says Sophos. Rather than creating new websites and luring in unsuspecting victims, cybercriminals are targeting websites belonging to reputed companies.

"The traditional method of maliciously crafted sites luring victims in with promises of rare and desirable content continues to flourish, but is now rivaled by legitimate sites compromised by cybercriminals to host their wares. Such sites are particularly dangerous because visitors feel secure on trustworthy web resources and therefore tend to let their guard down and believe what the popups and inserts say," divulged Sophos in their 2010 Security Threat Report, released on February 1.

Sophos' list of top 10 countries hosting malware on the web (figures for 2009):
1. United States 37.4%
2. Russia 12.8%
3. China 11.2%
4. Peru 3.7%
5. Germany 2.6%
6. South Korea 2.4%
7. Poland 2.1%
8. Thailand 2.0%
9. Turkey 1.9%
10. United Kingdom 1.6%
Other 22.3%

The full report can be downloaded from the Sophos website (PDF): http://www.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-jan-2010-wpna.pdf