Malware and spam trends continue to grow

A new McAfee report uncovered that a USB worm has taken the No. 1 spot for top malware worldwide. Spam trends show that email subjects vary greatly from country to country with diploma spam out of China and other Asian countries on the rise. Earthquake news and other major 2010 events drive poisoned Web searches, and U.S.-based servers host the majority of new malicious URLs.

Threats on portable storage devices took the lead for the most popular malware. AutoRun related infections held the No. 1 and No. 3 spots due to the widespread adoption of removable devices, mainly USB drives. A variety of password-stealing Trojans rounded out the top five. Those include generic downloaders, unwanted programs and gaming software that collects statistics anonymously. Unlike past studies, the popularity of these threats ranked consistently worldwide.

While spam rates remain steady, their subjects vary considerably from country to country. One of this quarter’s biggest discoveries was that China, South Korea and Vietnam have the most significant diploma spam, which promotes the purchase of forged documents to establish qualifications for items such as jobs. Singapore, Hong Kong and Japan have exceptional rates for Delivery Status Notification spam indicating a possible issue with preventative mail-filtering capabilities.

Thailand, Romania, the Philippines, India, Indonesia, Colombia, Chile and Brazil have a higher portion of malware infections and spam. These countries have experienced significant Internet growth over the past five years and are lagging in security awareness.

Attackers are leveraging major news events to poison Internet searches. Haiti and Chile earthquake disasters led the list (No. 1 and No. 2, respectively). The Toyota recall, Apple iPad and NCAA March Madness followed. Referred to as search engine manipulation, cybercriminals continue to use analytics and page-ranking logic to exploit hottest search terms and drive traffic to malicious websites.

At 98 percent, the United States hosts the majority of new malicious URLs in Q1 2010. The massive share of new malicious URLs hosted in the U.S. is due to the location of many different Web 2.0 Services, most of which are provided with U.S. locations. Within the remaining 2 percent, China hosted 61 percent and Canada hosted 34 percent.

Don't miss