SAN JOSE, Calif. -- Finjan, a leader in web security products, today published the latest findings from its Malicious Code Research Center (MCRC). In its Web Security Trends Report (Q1 2007), Finjan summarizes the analysis of more than 10 million (10,000,000) unique URLs based on live web traffic recorded in the UK. The most important findings from Finjan's ongoing research are:
.As commercial interests continue to drive e-crime, malicious code is more likely to be hosted on local servers in the US and UK than in countries with less developed e-crime law enforcement policies. .A continuing evolution in the complexity of attacks, specifically the increasing use of code obfuscation using diverse randomization techniques. Over 80% of the malicious code detected by Finjan was obfuscated, making it virtually invisible to pattern-matching/ signature-based methods in use by anti-virus products. .Increasing sophistication at embedding malicious code within legitimate content (e.g., ad delivery and translation services) and less dependence on outlaw servers in unregulated countries.
Finjan's detection and analysis is based on its unique and proprietary methods for analyzing executable code embedded in web content for malicious or dangerous intent. These methods excel in detecting malicious code without depending on location, reputation or a priori signature information.
The Worldwide Distribution of Content with Malicious Code Finjan's research, based on information gathered by its real-time content inspection engines, clearly demonstrates that malicious code is not just an issue of outlaw servers in countries with weak laws and lax enforcement. Ninety percent (90%) of the URL's containing malicious code that were discovered in this UK-focused study resided on servers located in the US or UK.
"The results of this study shatter the myth that malicious code is primarily being hosted in countries where e-crime laws are less developed," stated Yuval Ben-Itzhak, CTO at Finjan.