Malware attacks decline from the US, but increase from China, Russia and Korea, says Network Box

Published 28th November 2008

28 November 2008 - Thirty-five per cent of all Internet intrusion attacks are coming from Korea, according to managed security firm Network Box. The company's analysis of all Internet threats in November shows that Korea accounts for more than double the intrusions of its nearest competitor, the US (14 per cent).

Spam and viruses from the US are on the decline following the shutdown of the McColo spam hosting service earlier this month. Although the US was the biggest source of spam and viruses over the full month, its output dropped sharply towards the end of November, when China took the top spot in the spam charts.

Simon Heron, Internet Security Analyst at Network Box says: “We expect to see China as the primary source of spam next month, with Russia significantly increasing its output. McColo’s shutdown has had a dramatic effect on the malware output – both spam and viruses - from the US. However, we are seeing spam levels increasing again though not currently back up to levels we saw before McColo closed in the US.”

For further information, see www.network-box.co.uk.

Top Ten Viruses

Threat Name Daily Average %

1. spam.phish.url 35.67821
2. can-2003-0161 4.69491
3. trojan-spy.html.fraud.gen 5.30703
4. trojan-dropper.win32.agent.yzp 4.05881
5. nbh-bscript 3.16169
6. spam.porn.spam_nb_porn_subj_csk_1 2.50091
7. nbh-multext .35456
8. policy_prohibits_'exe'_nested_at 1.79322
9. trojan-psw.win32.agent.lcc 1.78064
10. clm.html.phishing.pay-36 1.31201

Top Ten Trojans

Threat Name Daily Average %

1. trojan-spy.html.fraud.gen 0.11455
2. trojan-dropper.win32.agent.yzp 0.09805
3. trojan-psw.win32.agent.lcc 0.05511
4. trojan-spy.win32.zbot.fql 0.03281
5. trojan-spy.win32.zbot.frh 0.02655
6. clm.trojan.agent-61609 0.01474
7. trojan.win32.agent.amzt 0.01355
8. trojan-downloader.win32.small.afzf 0.00847
9. trojan-spy.win32.zbot.ghq 0.00711
10. trojan-downloader.win32.agent.anaq 0.00636


Top Ten Intrusions

Threat Name Daily Average %

1. NETBIOS 35.61600
2. BOGON 13.72736
3. PINGFLOOD 7.14538
4. HTTP-S-WEBDAV 0.03116
5. ICMP 0.02818
6. HTTP-S-WEBDEX 0.01964
7. SOBIG-F 0.01383
8. HTTP-S-NIMDA 0.00477
9. HTTP-S-UNIXATTACK 0.00439
10. HTTP-S-IISATTACK 0.00378


Top Ten Sources of Viruses

Country Daily Average %

1. US 19.49704
2. China 6.49728
3. Korea 6.36452
4. Australia 5.46776
5. UK 4.40333
6. Ukraine 4.39740
7. Turkey 3.88654
8. Russia 3.60779
9. Brazil 3.42233
10. Spain 2.77787

Top Ten Sources of Spam

Country Daily Average %

1. US 14.43738
2. China 9.99901
3. Korea 6.67193
4. Turkey 6.31428
5. Australia 5.94338
6. UK 4.46450
7. Brazil 4.19417
8. Spain 4.10385
9. Russia 3.83448
10. Poland 2.77324

Top Ten Sources of Intrusion

Country Daily Average %

1. Korea 34.90125
2. US 15.97265
3. Hong Kong 8.88417
4. China 8.45910
5. Malaysia 5.59282
6. Australia 3.90484
7. Turkey 1.46664
8. Brazil 1.15039
9. UK 1.00705
10. Poland 0.95489

About Network Box:

Network Box Limited (NBL) is an international managed security services company, specialising in unified threat management (UTM). It continuously defends the networks of its customers using PUSH technology to instantaneously update protection, from 12 Security Operations Centres spread around the globe. NBL’s customers in Asia, Australia, North America and Europe include companies such as BMW, Nintendo and Toyota, as well as banks, utilities companies and government organisations.

For more information, see www.network-box.co.uk / www.network-box.com.