US and Russia Lead List of Malware Hosts
Trailrunner7 writes "China has become the go-to bogeyman behind every cyber attack or malware campaign, but if you're looking for the most malicious hosting providers on the Web, you won't find any of the top 10 in China. In fact, the United States and Russia have many more bad hosting providers in the top 20 than China does. ... [One] interesting data point is the appearance of Amazon in the top 10 list of providers hosting the highest concentration of infected Web sites. These are the kind of sites used in drive-by download attacks and to deliver exploits from exploit packs. Amazon, with more than two million IPs, ranks fourth in the list of providers hosting infected sites. Also on that list is Google, which comes in at number seven. The top spot belongs to Mail.ru, a Russian hosting provider."
Hosts? Don't say that! (Score:4, Funny)
Around here that's like calling Beetlejuice
Re: (Score:2)
Oh shit!
You just summoned APK and JC! When Micheal Kristopiet shows up and demands they use their real names, the end will be upon us!
Not really all that surprising (Score:5, Insightful)
Many, many networks that I've dealt with have essentially blacklisted Chinese IP ranges, so it makes sense for anyone looking to set up a malware site to use a "legit" hosting service. They don't care if it stays up for more than a few months, in most cases.
What would be much more interesting is data on *who* is registering and setting up all of these sites, rather than where.
Re:Not really all that surprising (Score:5, Interesting)
Years ago I started blocking US dynamic IP ranges from port 25 because of the amount of spam from compromised machines. I started mapping the attempts to send spam using an intelligent guess based on the hostnames (most ISPs have a clue to the city in their reverse DNS) and GeoIP lookup. Now, I'm sure it's an artifact and not a "real" effect, but there seemed to be a strong correlation between red states and compromised machines sending spam.
I'd love to see the results of a more rigorous investigation.
Re: (Score:3)
What would be much more interesting is data on *who* is registering and setting up all of these sites, rather than where.
I'd start with a list of Nigerian royalty.
Re: (Score:1)
Many many networks that I've dealt with have essentially blacklisted Chinese IP ranges...
That's probably what they want, so they don't have to go through the expense of setting up their 'great' firewall to censor their internet. Neat trick, huh?
The US must continue... (Score:3)
We must continue building more Malware Hosts!
We must not allow a Malware Host gap!
Re: (Score:1)
How about a new mod value. -2APK
Re: (Score:2)
I have copied and pasted one troll and thereby triggered another, equally egregious rant from the other troll. I also receive the triple troll bonus for having the copied troll come and paste a troll response to the troll responding to my mock post. I submit this as my interpretation of Slashdot's native art style. Apologies to all I offended, but I hope I win an award.
"Say good night, Gracie."
"Good night, Gracie."
Oh, and Anti-APK? Thanks for participating. That's a lovely idea, a BTC tip jar! Me too!
Tippin
PC Hell disproves MyCleanPC (Score:2)
I will give $10,000.00 to frost pister who can disprove MyCleanPC.
Done. Apparently it's just a poorly written registry cleaner [pchell.com], and CCleaner works better for no charge. You can send the 10,000 USD reward through PayPal to ebay(at)pineight.com.
Oh, and Time Cube's four simultaneous 24-hour days offset by a quarter of a day are just time zones. What do New York, London, Beijing, and Honolulu experience?
"US and Russia have many more hosting providers" (Score:5, Insightful)
In fact, the United States and Russia have many more bad hosting providers in the top 20 than China does.
Because:
In fact, the United States and Russia have many more hosting providers in the top 20 than China does.
The Great Firewall (Score:2)
Perhaps that makes it harder to host malware in China? Duh
Thereby, I'm not surprised at all by the findings. How is the US beating Russia 5-4 on this, though? Russian internet has been the black market of the web pretty much and has hosted every single crack, hack, and exploit known to the internet at some point. I wonder if they rounded them all up and sent them to Siberia between then and now. They're capable of doing that too.
You keep using that word... (Score:1)
A bogeyman is an imaginary entity. It is not the same as a scapegoat.
China, North Korea, Turkey, Russia - Not US (Score:5, Interesting)
I work for a midsize eCommerce hosting firm as the Sysadmin and have been in this position for 8 years. 100% of the DDoS attacks, spam attacks, etc. are originating in China, North Korea, Turkey, and Russia. All day, every day, year after year. There have been zero against our data center from within the US. Just my two cents on this. So sure, maybe US hosting companies have more malware sites or phishing scams, but the actual cyber attacks against the US are from the nations I've listed.
Re: (Score:1)
100% of the DDoS attacks, spam attacks, etc are originating in China, North Korea, Turkey, and Russia.
For me, it's been 98% China, 1% US (almost entirely Amazon's shitcloud), with the remainder being elements of Russia, Italy, Israel and Brazil.