Top Malware Sites and Unsafe Servers Top Malware Sites and Unsafe Servers

Top Malware Sites and Unsafe Servers

by Calyptix, January 27, 2014

Hornet's NestOne would expect sites hosted by big, brand-name providers to be almost free of malware. However, three of the top five malware sites in the world are hosted by Amazon.

The Washington Post recently called Amazon a hornet’s nest of malware. But the ecommerce giant is hardly alone in this.

Malware sites increasingly use services like Google and GoDaddy for hosting, whether by paying for service or by hijacking legitimate sites.

The trends are highlighted in the SERT Quarterly Threat Intelligence Report Q4 2013. Below we highlight the top malware sites, hosting providers, vulnerable server versions, and other issues identified in the report.

 

Top 10 Malware Sites and Hosting Providers

The chart below lists the top 10 malware sites by distribution frequency. Most are associated with adware, according the report.

1 - malware sites and hosting providers

Notice that Amazon hosts 4 of the top 10 sites. Only one other site is hosted in the U.S. For malware distribution by domain, Amazon hosts the top three.

Top 10 ISPs Hosting Malware

This chart represents the top 10 ISPs for malware hosting identified in the last quarter of 2013.

2 - isps hosting malware

Keep in mind: the top 10 account for only 29% of the malware identified. Malware from these providers is getting more common, but more than two-thirds of the problem is outside their walls.

Top 10 Vulnerable Server Versions

A heaping 84% of vulnerable servers used Microsoft Internet Information Services (IIS) 6.0. This server platform is now up to version 8.5.

IIS 5.0 was the runner up but accounted for only 4% of vulnerable servers detected.

3 - vulnerable server versions

 

Top Vulnerable WordPress Versions

Nearly half of all vulnerable WordPress installations had version 3.6 or below. More than one-third were version 3.6.1, and a sizeable chunk were 3.7 and 3.7.1.

The most current version of WordPress is 3.8.1.

4 - vulnerable wordpress versions

how-to-avoid-ransomware-report-CTA

Related Resources

Network Security: Top threats and targets of 2013

 

Image: Shepard Software

4 Comments


Leave a Reply

Your email address will not be published Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*