Sign in / up

back to article Almost half of malicious sites tied to 10 networks

Almost half the websites pushing malware are hosted by just 10 networks, according to a new report that adds new support to the growing argument that a relatively few number of actors are responsible for most of the net-based threats. The report (PDF) from StopBadware.org also showed a dramatic rise in China's role in the …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Sam

    I wonder..

    OIX (aka Phorm) wouldn't be one of them?

    0 0
  2. Neil Greatorex
    Coat

    I blame Microsoft

    Just because I can :-)

    I'm gone already.

    0 0
  3. Anonymous Coward
    Thumb Down

    Hmm

    I thought it was USA, Canada, Chine ten the rest of the world? (as prime malware sources. Maybe some sites bounce via china? I believe some Canadian sites used to bounce via Russia again to lose trail of the malware source).

    0 0
  4. Joseph Haig
    Coat

    10 networks?

    I'm glad I stick to 192.168 networks.

    0 0
  5. Dave

    Not just websites

    I looked at my firewall log and the number of packets blocked from the 24.64.0.0 netblock exceeds the number of blocked packets from all other IP addresses. So on a sample of 1, 50% of blocked packets are attempts at messenger spam (ports 1026,1027,1028) from that netblock. Perhaps Shaw Cable could address this issue. Certain other specific blocks also feature frequently, so they're not the only ones.

    0 0
  6. Gary Heston
    Flame

    Give me the IP blocks!

    I can't block them by AS number, I can't block them by AS name, give me the blasted IP address blocks so I _can_ block them!

    netgeek

    0 0
  7. Anonymous Coward
    Anonymous Coward

    I beg to differ

    In my experience most SPAM comes from the US, Turkey or sometimes Russia. It looks to me like some US people are compromising Chinese sites to spread malware if you follow the chain back.

    Of course it's popular in the US to blame the Chinese. Of course your network admin could always block all Chinese sites........

    0 0
  8. Dr Patrick J R Harkin

    Ten networks? I thought there was just one big one...

    "Ten networks" in the title become "ten registrars" in the text. I freely admit I have no idea how many registrars would account for half of any selection of sites, so I don't know if 10 is a surprisingly large or small number.

    0 0
  9. Dave N
    Paris Hilton

    here's an idea...

    how about releasing the ip ranges of those networks so we can block them?

    0 0
  10. Anonymous Coward
    Pirate

    I've been saying this for years....

    ... spam-filters, whitelists, blacklists, the lot - it's all a complete waste of time. It's time to take this fight offline and into the IRL world.

    There are only a small number of people engaged in serious spamming and virus attacks, and they all have names and addresses in the real world. The rest of us outnumber them a million to one. We should just kill them all. One quick night of the long knives, and the whole problem is solved for at least a generation.

    0 0
  11. Andy Worth

    Block China and the USA?

    If we block all of the U.S. and Chinese websites, most of the spam problem will be gone!!

    It'll also have the added bonus of ridding our shores of that Facebook thing.

    0 0
  12. Dan Keating
    Linux

    China

    Not surprising China gets a mention. After analysing the IP addresses of people trying to relay off my mail server I found that I could kill 95% of the problem by blocking addresses from this country. Subsequent checking of the logs shows all manner of IP detritus seeking to find "exploit nirvana" on my humble fixed IP.

    Perhaps I have it all wrong and the friendly folk of that nation are just trying to reach out and touch the western community in anticipation of forthcoming olympic games!

    0 0
  13. Dave Edmondston
    Happy

    Hmm...

    There is an easy solution to get rid of phishing websites.

    Just click on:

    http://www.thisisnotaphishingwebsitehonestguv.com.eu:8982/stupidcnut.php

    and input your bank details when prompted. Hey presto, all phishing'll stop. They sell really good viagra 'n all.

    0 0
  14. Andy Worth

    Re:Hmm...

    I tried to go to that site but they'd ran out of Viagra. Stuck my bank details in anyway, as the site said it would guarantee me cheaper shopping on my next visit.

    0 0
  15. Doug Lynn

    Google responsible for 2% that nothing!

    Hi, they must be doing a good job filtering them out, being the biggest search engine otherwise it would be 100%.

    0 0
  16. Mark Simon

    Great Firewall of China

    Here's an idea. Why don't we turn China's firewall backwards. That way, we're protected from all of their malware, and they can find out what's happening in the real world, including the rest of China ...?

    0 0
  17. Anonymous Coward
    Anonymous Coward

    Question for those who know...

    Would it be easier to manage this crap in an IPv6 world?

    0 0
  18. Eric Pinkerton
    Alert

    Would it be easier to manage this crap in an IPv6 world?

    My guess is we will just acrrue a whole host of new problems!

    0 0
This topic is closed for new posts.

Other stories you might like