Hosting providers are in a war against malware. They do not want to host malicious sites. The battle is constant and always in flux.
By watching for shifts in the battlefield, you can anticipate attacks and prepare defenses for yourself and your clients.
Top ISPs with malicious sites
Amazon’s struggle against malware continues, according to the latest Solutionary SERT Quarterly Threat Intelligence Report. Its share of malicious sites nearly tripled, now at 41% of the total worldwide.
Out of the more than 21,000 providers shown to host malware, these 10 account for 52% of the total.
However, it needs to be said: these 10 seem to fight the enemy better than the industry as a whole. Each company’s share of the hosting market is greater than its share of malicious sites.
One provider may have outflanked malware. GoDaddy fell to #9 of the top 10 providers, down from #2 at the end of 2013. It’s now responsible for only 2% of the total.
Top countries with malicious sites
The U.S. hosts a greater share of malware than ever, now with 56% of malicious hosts worldwide.
The U.S. appears to be a den of digital thieves. However, it also hosts a majority of all websites worldwide. It’s share of malware hosting appears proportional to its marketshare, according to the study.
Top malicious file types
An overwhelming 84% of all malware files were associated with PE32 and HTML file types. HTML grew to represent more than half of all samples detected.
The top two types traded rankings compared to six months earlier. Combined they account for a roughly equal share of malware files as before.
Other notable changes include a quadrupling of malware based on MS-DOS executable files, now associated with 8% of the total. XML files dropped from 3% to less than 1%.