By Martin H. Bosworth
ConsumerAffairs.Com
June 26, 2008
If worrying about lead-tainted toys, poisonous dog food and other unsafe products from China wasn't enough, now Web surfers need to be on the alert -- the vast majority of Web sites infected with "badware," programs that can hijack your computer or "phish" for your personal information, originate in China.
StopBadware.org, the "neighborhood watch" project designed to provide consumers information on identifying and avoiding dangerous Web sites, released its May 2008 compilation of badware sites on June 24.
The project gathered its data from studying over 200,000 badware sites identified via Google, one of the project co-sponsors.
Fifty-two percent of the sites were identified as originating in China, with the United States a distant second at 21 percent and all other nations at no more than four percent apiece.
The project researchers then measured the number of badware sites identified against the number of Internet users in the country per million citizens. China was again the clear leader with 689 dangerous sites per 1 million Internet users, followed by Russia with 307 and the United States with 212.
The majority of companies that hosted dangerous sites or sites filled with "badware" in China were Internet service providers (ISPs), which provided available bandwith and hosting services for customers to use, regardless of purpose. The StopBadware.org researchers noted that the majority of badware sites were concentrated in a few network "blocks," reflecting "a more centrally-controlled Internet infrastructure in China, in contrast to the highly distributed infrastructure in the U.S."
Given the profits to be made from hijacking Web surfers' information, the researchers noted, China had a "lack of economic incentives for Chinese hosting providers and site owners to inform their users of infected sites and/or to take action to clean or remove these sites."
Ironically, StopBadware.org had identified Google itself as the top distributor of malware and other dangerous programs in the U.S., due to cybercriminals using its Blogger service to host blogs or Web sites containing spyware. The report listed 4,261 Web sites hosted by Google that contained some form of badware or spyware.
"Because we're very aggressive and very proactive in preventing and detecting harmful content placed on our services, the Blogger numbers are disproportionately higher than they would be on non-Google properties," Google said. "Given that there are millions of active blogs in our network, 4,261 is just a very small percentage of the total blogs."
StopBadware.org had previously identified well-known file sharing service Kazaa and "download manager" MediaPipe as dangerous utilities that may cause harm to users' computers. MediaPipe powered the Movieland Internet download service, which brought complaints from customers that it installed adware and pop-ups on their machine that they couldn't get rid of without causing harm to their machine.
