September the second week of Network security report: found put horse site domain name 332

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

China IDC report September 18: Recently, according to Cncert sampling monitoring results and national information security vulnerability Sharing Platform (CNVD) published data, from September 3 to September 9, China's Internet network Security index overall evaluation as good.

Among them, the number of hosts infected with network virus in the country is about 1.375 million, compared to last week's quarter-on-quarter decrease of 4.9%, the new network virus family 1, more than last week, the number of modified government web sites in the number of 87, the number compared with the history of a large increase; Compared to last week, the chain fell sharply 34.9%, the number of phishing pages for the domestic website is 249, compared to the last week, a decrease of 23.9%; new information security vulnerabilities 141, compared to last week, the chain reduced 1.4%, of which new high-risk vulnerabilities 28, the chain significantly reduced 58.2%. Below, IDC comments the network with everybody concerns in the period from September 3 to September 9, our country Internet network security condition:

I. Network virus activity

The number of hosts infected with the network virus in the territory is about 1.375 million, down 4.9% from the Quarter-on-quarter last week. Among them, the territory by the Trojan or zombie program control of about 151,000, compared to the chain of the last week, a sharp reduction of 35.2%, the domestic infection of the Conficker worm host about 1.223 million, up from the chain rose by 0.9%.

(1) According to the China Anti-Network Virus Alliance (ANVA) organized the release of active network virus to learn that the use of web pages to hang horses or bundled with the spread of the network virus is a high proportion of viruses still more to exploit system vulnerabilities to attack the system. In this way, we come to understand the malicious virus TOP5 active on the network:

(Figure 1) September 3-September 9 malicious viruses active on the network TOP5

(2) in the network virus capture, Cncert captured a large number of new network virus files, which by the name of the network virus added 64, compared to last week, a sharp reduction of 34.7%; According to the Network virus family statistics added 1, compared to the number of last week increased by 1. Below, we take a look at the top ten Cncert detection of active horse site domain name, active put horse site IP.

(Figure 2) Active horse-TOP10 site domain name

(Figure 3) Active horse-TOP10 site IP

(3) in the network of virus transmission, cncert monitoring found in the site, through the domain name access to a total of 332, through IP direct access to a total of 172. In 332 of the site domain name, registered in the territory of the number of domain names for 68 (about 20.5%), the number of domain names registered abroad 252 (about 75.9%), unknown registrar of the domestic and foreign information of 12 (about 3.6%). The following figure is the distribution of these site names by the top-level domain, the top three is. com (about 50.6%),. info (about 17.2%),. cn (about 8.1%).

(Figure 4) The top-level domain name of 332 horse-putting sites

In addition, the communications industry, the member units of the Internet communication to Cncert 75 malicious domain name or IP (after the heavy), the units submitted to the number of statistics as shown in the following figure.

(Figure 5) The number of malicious top-level domains submitted by each unit

II. website Security

According to Cncert monitoring data, during the statistical period, the number of sites tampered with was 1057. The number of tampered sites in the territory by type distribution as shown in the following figure, the largest number is still a COM class site. Among them, the Gov type website has 87 (approximately occupies the territory 8.2%).

(Figure 6) The number of sites tampered with in mainland China

Summary: In the period from September 3 to September 9, China's Internet network Security index overall evaluation as good. No more serious network security incidents were found. However, users need to pay special attention to the need to strengthen the system in a timely manner to repair and reinforce the installation of security protection software. During the internet, do not easily open the network of unknown sources of pictures, music, video and other documents, do not download and install some unknown software, especially some so-called plug-in programs to prevent network virus infection.

Article by China IDC Review Net original edit, original address: http://www.idcps.com/News/20120918/44560.html (if you need to reprint, please indicate the source)