Malicious code is more likely to be hosted on local servers in the UK and US than in countries with less developed e-crime law enforcement policies, according to the latest report by Finjan.The research, which analysed more than ten million unique URLs in the UK, also found that more than 80 per cent of the malicious code detected by the vendor was obfuscated, making it easier to avoid detection in pattern or signature based anti-virus filters.
The report claims that hackers are using increasingly sophisticated techniques, including embedding malicious software within legitimate content such as ad delivery or translation services, and operating in regulated countries, with more than 90 per cent of the malicious URLs uncovered on servers located in the UK and US.
“The results of this study shatter the myth that malicious code is primarily being hosted in countries where e-crime laws are less developed,” said Yuval Ben-Itzhak, CTO at Finjan. “Unfortunately this means that the traditional location-based reputation heuristics are decreasingly effective against modern attacks.”
Advertising contained more web addresses with malicious programs than any other category (80 per cent). Such software can be found through legitimate websites just as much as disreputable websites, such as pornography or free downloads.
“This means that security products that rely solely on URL groups to block access to malicious sites are no longer effective,” warned Ben-Itzhak.