US is malicious server leader, says AVG

The research, based on an analysis of threats reported over the last six months via AVG's LinkScanner Web security product, found that 44% of compromised or malicious servers are hosted in the US. This number far exceeded the next most popular places for malicious servers, Germany and China, which accounted for just 5% each.

Malicious servers were found in almost 4600 locations throughout the US, the research revealed.

"The results of this study shatters the myth that malicious code is primarily hostsed in countries where crime laws are less developed," said Karel Obluk, chief technology officer at AVG. He added that half of the domains found on the malicious servers were up for making the problem very transparent.

"This makes perfect sense since the USA is a primary target market for the criminals and has a rich and mature Internet infrastructure making the threats both highly accessible and cheap," he continued.

The number of servers in the US may have dropped for a while following the takedown of the McColo rogue ISP in November 2008. The organization, which was associated with command-and-control servers for botnets including Rustock, was taken down after US journalists worked with researchers to gather evidence that it was being used for online crime. Spam levels decreased dramatically after the takedown, although they rose steadily afterwards, and reached the levels seen prior to a takedown within the year.

In its Security Intelligence Report for January through June 2009, Microsoft found that the US was roughly half way down the table in terms of the number of phishing sites per 1000 Internet hosts. It lagged behind locations including Canada, Russia, and parts of the Middle East, which had a higher density. It also fell in the middle in terms of the density of malware distribution sites per 1000 Internet hosts in the first half of 2009, and the same was true for drive-by download sites. However, it is worth noting that unlike the AVG research, these figures were presented on a per-capita basis.

As with analyses of malicious servers in other countries, AVG pointed out that location is separate from intent. Even though many servers are hosted in the US, it doesn't mean that the criminals controlling them are based in the same location.

In other news, AVG signed a deal with peer-to-peer filesharing company LimeWire. Its antivirus software will be incorporated into LimeWire Pro, the premium version of its filesharing software package. LimeWire will scan all files downloaded via its peer-to-peer network before it allows them to be used.

What’s Hot on Infosecurity Magazine?