Feeds

China displaces Britain as botnet epicentre

Zero-day attacks, phishing scams star in Symantec scorecard

Seven Steps to Software Security

China has displaced Britain as the home of the greatest concentration of compromised (zombie) PCs.

The world's most populous country accounted for 26 per cent of the world's bot-infected computers, a higher density than any other country. Beijing was the city with the most bot-infected computers in the world, accounting for just over five per cent of the worldwide total, according to the latest edition of security firm Symantec's twice-yearly Internet Security Threat Report.

During the second half of 2006 period, Symantec observed an average of 21,707 new active bot-infected computers per day in the EMEA region. More than 2.3 million bot-infected computers in the region were identified as being active at any one time, a 130 per cent increase from the 1m seen during the first half of 2006.

In the EMEA region, France and Germany had the highest number of bot-infected computers, compromised systems used to send spam or other nefarious activities. The number of bots affecting computers in the UK fell from 22 per cent, to 11 per cent during the second six months of 2006, a drop Symantec attributes to the economic cycle of broadband penetration and adoption rather than particular internet security efforts.

Madrid, Spain had the most bot-infected computers of any city in the EMEA region, accounting for six per cent of the total. London came third behind Paris in this zombie league of shame.

Many of these compromised PCs (around 40 per cent) were controlled via bot command-and-control computers located in the US.

Lan of the dead

The US remains both a centre and target of cybercrime. Eighty-six per cent of the credit and debit cards advertised for sale on the digital underground were issued by banks in the US.

Symantec recorded an average of 5,213 denial of service (DoS) attacks per day, down from 6,110 in the first half of the year. Systems in the US were the target of most DoS attacks, accounting for more than half (52 per cent) of the worldwide total.

Ollie Whitehouse, Symantec research scientist and one of the authors of the report, said that hackers are becoming increasingly sophisticated in the tactics they use to gain control of vulnerable systems. He said the increased use of unpatched (zero-day) vulnerabilities, which occurred regularly during the second half of 2006, provided evidence of this trend.

During the second half of 2006, 23 per cent of the 1,318 documented malicious code samples exploited vulnerabilities. Many of these attacks targeted web browser security bugs.

Symantec documented 54 vulnerabilities in Microsoft Internet Explorer, 40 in the Mozilla browsers, and four each in Apple Safari and Opera over the report period. Mozilla did the best job of the browser suppliers in fixing flaws, taking an average of two days to develop an update. Internet Explorer was targeted by 77 per cent of attacks specifically targeting Web browsers.

Spam, spam, spam....

Spam and in particular phishing attacks that attempt to trick users into handing over account credentials remained a problem during the reporting period. Symantec blocked over 1.5 billion phishing messages in 2H06, an increase of 19 per cent over the first half of 2006.

Forty-six per cent of all known phishing sites were located in the US, a much higher proportion than in any other country. The UK had the second highest number of phishing Web sites in EMEA and third highest in the world, beyond the US and Germany. Karlsruhe in Germany was the EMEA city which hosted the highest number of phishing Websites.

During the last six months of 2006, 44 per cent of all spam detected worldwide originated in the US. In the EMEA region, spam made up 66 per cent of all monitored email traffic, Symantec reports.

Fortune cookies

Looking ahead, Symantec expects to see more threats begin to appear on Windows Vista, with a focus on vulnerabilities, malware and attacks against the Teredo platform. Symantec also expects that attackers will focus on third-party applications that run on Vista.

The net security giant expects phishing fraudsters to expand beyond the regular targets of online banks and eBay to new industry sectors, such as multiplayer online games. It also reckons that spam and phishing will increasingly target SMS and MMS on mobile platforms. ®

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.