August First week network security Report:. org into the most active malicious top-level domain

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Recently, according to the Cncert sampling monitoring results and national information security vulnerability Sharing Platform (CNVD) published data, from August 1 to August 7, China's Internet network Security index overall evaluation as good. Among them, the number of hosts infected with network virus in the country is about 420,000, compared to last week, the number of the chain significantly reduced by about 20.7%; no new network virus family, the number of tampered government sites in the territory of 50, compared with 35 last week, increased by 15, new information security vulnerabilities 120, compared with the number of new last week, increased by 25, The number of high-risk vulnerabilities was 59, up from 24 last week. Below, IDC comments the network with everybody concerns in the period from August 1 to August 7, our country Internet network security condition:

I. Network virus activity

The number of hosts infected with the network virus in the territory is about 420,000, a sharp drop of about 20.7% from last week's chain. Among them, the territory was Trojan or zombie program control of about 63,000, the chain reduced by about 0.7%, the domestic infection of the Conficker worm host about 350,000, the chain significantly down about 23.5%.

(1) According to the China Anti-Network Virus Alliance (ANVA) organized the release of active network virus to learn that the use of web-horse, software fake and bundled download to spread the proportion of network viruses, viruses are still more to exploit system vulnerabilities to attack the system. In this way, we come to understand the malicious virus TOP5 active on the network:

(Figure 1) August 1-August 7 malicious viruses active on the network TOP5

(2) on the network virus capture, Cncert obtains a large number of new network virus files through various channels, in which the number of new network virus names is 86, which decreases by 17.3% from last week's new quantity; no new network virus family was found. Below, we look at Cncert detected the top five active horse site domain name, active put horse site IP.

(Figure 2) Active horse-TOP5 site domain name

(Figure 3) Active horse-TOP5 site IP

(3) In the network virus in the process of transmission, often need to use hackers register a large number of domain names. In this virus detection, ANVA focus on a number of malicious domain names for network virus transmission, and statistics of active malicious domain name of the top-level domain name and the main registered domain name agencies.

(Figure 4) Active malicious domain name of the top-level domain name and geographical distribution

(Figure 5) Active malicious domain names distributed by registered institutions

II. website Security

According to the Cncert monitoring data, during the statistical period, the number of tampered sites in the territory was 445, down from last week's quarter-on-quarter decrease by about 15.6%. The number of tampered sites in the territory by type distribution as shown in the following figure, the largest number is still. com and. com.cn Domain name Web site. There are 50 gov.cn domain names (about 11% of the territory), which has increased by 15 over the last week.

(Fig. 6) The Quantity distribution map of the tampered websites in mainland China

Summary: In the period from August 1 to August 7, China's Internet network Security index overall evaluation as good, as in recent years, no more serious harm to the network security incidents. However, users still need to pay special attention to the need to strengthen the system in time to repair the loopholes and reinforce the installation of security protection software. During the internet, do not easily open the network of unknown sources of pictures, music, video and other documents, do not download and install some unknown software, especially some so-called plug-in programs to prevent network virus infection.

Article by China IDC Review Net original edit, original address:

Http://www.idcps.com/News/20110816/29016.html (if you want to reprint, please specify the source)