US tops cybercrime league

More than 80 per cent of Web addresses containing malicious code are hosted from the US.

Figures from security firm Finjan debunk claims that less developed nations are responsible most web-based crime.

Last week, Symantec highlighted that most of the world's malicious code is coming from US, China and Germany.

Finjan says much is also sourced in the UK. It analysed more than 10 million unique URLs based on live web traffic recorded in the UK, discovering that because commercial interests are driving much of e-crime most malicious code was hosted on local servers in the US and the UK.

Finjan also found that tracking malicious code is getting harder, with more than 80 per cent of it using code obfuscation techniques to bypass many anti-virus products.

"The results of this study shatter the myth that malicious code is primarily being hosted in countries where e-crime laws are less developed," stated Yuval Ben-Itzhak, CTO at Finjan.

"Our research shows that malicious content is much more likely to show up on a local server than one in Asia or Eastern Europe. Unfortunately this means that the traditional location-based reputation heuristics are decreasingly effective against modern attacks."

The research, Worldwide Distribution of Content with Malicious Code, also found that people are as likely to encounter malicious code on legitimate Web sites as they are on less savoury Web sites.

Ben-Itzhak added: "The fact that malicious code is just as likely to be found in legitimate categories as in questionable categories means that security products that rely solely on URL categories to block access to malicious sites are no longer effective."

You can find the full report here.