IT security and control firm Sophos has reported the most prevalent malware threats and countries causing problems for computer users around the world during December 2007.

While the study, compiled by Sophos's global network of monitoring stations, has shown only minor changes since November, a recent Sophos poll has revealed that 70 per cent of those surveyed believe that 2008 will actually be just as bad or worse for IT security than 2007.

The top ten list of web-based malware threats in December 2007

1. Mal/Iframe - 50.8 per cent
   
2. Mal/ObfJS - 19.2 per cent
   
3. Troj/DRClick - 14.6 per cent
   
4. Troj/Unif - 3.0 per cent
   
5. Troj/Decdec - 2.4 per cent
   
6. Troj/Fujif - 1.6 per cent
   
7. Troj/Pintadd - 0.9 per cent
   
8. Troj/Zlobar - 0.8 per cent
   
9. Mal/FunDF - 0.6 per cent
   
10. VBS/Haptime - 0.5 per cent

Others - 5.6 per cent

Mal/Iframe, which works by injecting malicious code into webpages, retains its position as leader of the chart, despite not having the same impact as the previous month when it accounted for almost 70 per cent of web-based attacks. Mal/ObfJS, a method by which hackers use obfuscated JavaScript to infect web surfers, has successfully held onto second place.

"Although December saw Mal/Iframe's dominance at the top of the chart begin to wane, computer users must not get complacent - it still accounted for more than half of all web-based attacks seen last month," said Graham Cluley, senior technology consultant at Sophos. "Yet, despite the pessimistic figures and the fact that less than a third of people believe there will be any improvement in the situation in 2008, it is possible to combat the cybercriminals with an effective IT security solution. Hopefully the public's negative viewpoint will spur both businesses and consumers on to recognise the seriousness of these threats and make sure their networks and data are fully protected from existing malware, as well as emerging attacks."

The top ten list of countries hosting malware-infected webpages in December 2007

1. China (including Hong Kong) - 40.9 per cent
   
2. United States - 33.9 per cent
   
3. Russia - 6.8 per cent
   
4. Germany - 3.8 per cent
   
5. Ukraine - 2.2 per cent
   
6. Turkey - 1.4 per cent
   
7. United Kingdom - 1.2 per cent
   
8. Poland - 0.8 per cent
   
9. Netherlands - 0.7 per cent
   
10. Italy - 0.6 per cent

Others - 7.7 per cent

China, a country notoriously plagued by Mal/Iframe in previous months, continues to host the most infected web pages. However, China is not the only culprit as the United States and Russia have risen in the charts, with America storming from 19 per cent in November to serving up over a third of the world's malicious web pages in December.

This month also saw Canada and France drop out of the top ten, to be replaced by the Netherlands and Italy.

The top ten list of email-based malware threats in December 2007

1. Troj/Pushdo - 35.8 per cent
   
2. W32/Netsky - 28.1 per cent
   
3. W32/Mytob - 6.9 per cent
   
4. W32/Strati - 5.3 per cent
   
5. Mal/Dropper - 5.2 per cent
   
6. W32/Zafi - 4.9 per cent
   
7. W32/MyDoom - 3.5 per cent
   
8. Troj/Dloadr - 2.6 per cent
   
9. W32/Bagle - 1.7 per cent
   
10. W32/Sality - 0.8 per cent

Others - 5.2 per cent

Overall, 0.09 per cent of emails, or one in 1111, had malicious attachments in December 2007, with Pushdo retaining its position as the most prevalent email-based malware detected.

Related links: (Open in a new window.)
www.sophos.com

View printable version (opens in new window)
Back