McAfee Q4 Threats Report Finds Political Hacktivism and the Exploitation of Tragedies is on the Rise Worldwide

Malware Levels Climb Higher and China Overtakes the United States as the No. 1 Country for Botnet Zombie Production in Q4
MARKHAM, ON – February 9, 2010 – McAfee Inc. (NYSE:MFE) today unveiled its Q4 Threats Report, which highlights the most significant spam-generating stories in 2009 as well as the rise of political hacktivism in countries like Poland, Latvia, Denmark and Switzerland. Report findings also reveal that 2009 averaged approximately 135.5 billion spam messages per day, yet spam volume decreased by 24 per cent in Q4 compared to Q3.
Spammers utilized headlines heavily in 2009, taking advantage of breaking news stories, global tragedies and timely events. The Air France plane crash and Michael Jackson’s death were among the top tragedies exploited by spammers last year. McAfee researchers also noted a significant number of 2010 FIFA World Cup-themed phishing scams, Zeus Trojans masked as the CDC, referencing the H1N1 vaccine program, and “get-rich-quick” scams due to the rise of U.S. unemployment levels.
Politically-motivated attacks are on the rise around the world, targeting popular social networking destinations, as seen recently with the Iranian Cyber Army’s political attack aimed at Twitter. The report confirms that the United States is not the sole target, nor is China the sole origin for these types of attacks with recent political attacks targeting the Polish government, the Copenhagen Climate Conference and Latvia’s Independence Day.
Malware including fake security software, attacks on social networks, and Auto-Run USB infections, continued to rise significantly last year. Internet-based, Web 2.0-centric attacks and threats on portable storage devices played a huge role in 2009, contributing greatly to the sheer increase in threats and demonstrating how the nature of computer threats are evolving over time. Cybercriminals used social networking sites to target a new generation of victims, with Koobface activity increasing considerably during the latter part of 2009. Koobface is now hosted by servers in 46 different countries, with the U.S., Germany and Denmark making up the top three hosting locations.
“In Q4, we saw spam activity drop, but identified some interesting trends developing in terms of the geographic distribution of cyber threats and the types of threats executed,” said Mike Gallagher, Senior Vice President and Chief Technology Officer at McAfee Labs. “China emerged as the worldwide leader in both zombie production and the execution of SQL-injection attacks, while internet-based attacks played a bigger role and will continue to do so as cybercriminals target the most popular social destinations in 2010.”
China Overtakes the U.S. as No. 1 Country Producing Zombies
Zombie production in the U.S. dropped significantly from 13.1 per cent in Q3 to 9.5 per cent in Q4, making China the top of Zombie-producing country at 12 per cent. Brazil ranked third, with Russia and Germany rounding out the top five countries. The U.S. still remains the number one country in terms of spam production, with Brazil and India taking the number two and three spots. Ukraine and Germany joined the list of top 10 countries producing spam for the first time in 2009.
The Geographic Distribution of Web Threats
North America is the worldwide leader in hosting malicious content, with EMEA in second, followed by Asia/Pacific. In Europe, Germany holds the number one spot, followed by the Netherlands and Italy. China is the chief host for malicious content in Asia, followed by Russia and South Korea. South America is beginning to play a larger role, with Brazil as the top hosting country in that region.
China is the Worldwide Leader in SQL Injection Attacks
Although SQL-injection attacks originate from a number of countries across the globe, China was by far the number one country hosting these assaults at 54.4 per cent. Due to the growing popularity of Adobe applications, McAfee Labs saw a number of client-targeted attack attempts to exploit Flash and Acrobat reader.
For a full copy of the Q4 2009 Threats Report, please visit:

Leave a Reply