The Chinese territory of Hong Kong and the People's Republic of China are home to the largest fraction of malicious Web sites, according to a report published by antivirus company McAfee on Wednesday.
In its report, Mapping the Mal Web Revisited, the company found that the top-level domains with the largest proportion of malicious sites belonged to Hong Kong (.hk) and China (.cn) with the Philippines (.ph) and Romania (.ro) tied for fourth. The company surveyed nearly 10 million heavily-trafficked Web sites around the world and found that 19.2 percent of all Web sites ending in the .hk posed a danger to visitors. Approximately 11 percent of Web sites in mainland China's top-level domain were rated as risky by SiteAdvisor.
In 2007, the domain for the tiny South-Pacific island of Tokelau accounted for the greatest proportion of risky Web sites, McAfee stated.
"For administrators of top-level domains this study should act as a wake-up call," Jeff Green, senior vice president of product development at McAfee, said in a statement. "Last year's report spurred Tokelau's domain manager to reexamine its policies. Not all domain managers are as accommodating so our mission is to educate consumers of the dangers and protect them in every way they enjoy the Web whether through their PC, the Web itself, or mobile phone."
Two years ago, SiteAdvisor data counted five percent of all Web sites as malicious, assigning them "Red" rankings. Last year, the service said that the proportion of Web sites cataloged by search engines and given a malicious ranking dropped to 4 percent.
The proportion of dangerous sites has increased 41 percent over the entire Web, McAfee stated. The study compared the ratings assigned by the company's SiteAdvisor service to sites using the top-level domains of 265 countries as well as generic domains. The report considered a Web site risky if it contained adware, spyware, viruses, spam, excessive pop-ups, browser exploits or links to other dangerous sites.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos