January First week network security report: found put horse site domain name 443

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

China IDC report January 10: Recently, according to Cncert sampling monitoring results and national information security vulnerability Sharing Platform (CNVD) published data, from December 31 to January 6, China's Internet network Security index overall evaluation as good.

Among them, the domestic infected with Trojan or zombie virus hosts about 1.162 million, compared to last week, decreased by 19.2%; no new network virus family; The number of government sites tampered with is 493, up 1.2% from last week; the number of government websites implanted in the back door is 34, Compared to last week's chain significantly reduced by 60.5%; The number of phishing pages for domestic websites is 856, down 21.3% from last week; new information security vulnerabilities 116, increased by 16% from the ring last week, the new high-risk vulnerabilities 30, compared to last week's quarter-on-quarter reduction of 28.6%.

Below, IDC comments the network with everybody concerns in the period from December 31 to January 6, our country Internet network security condition:

I. Network virus activity

The number of hosts infected with the network virus in the territory is about 1.162 million, down 19.2% from last week. Among them, the territory by the Trojan or zombie program control of about 289,000, compared to the chain fell 23.8% last week, the domestic infection of the flight (Conficker) worm host about 873,000, compared to last week, the chain decreased by 17.6%.

(1) According to the China Anti-Network Virus Alliance (ANVA) organized the release of active network virus to learn that the use of web pages to hang horses or bundled with the spread of the network virus is a high proportion of viruses still more to exploit system vulnerabilities to attack the system. In this way, we come to understand the malicious virus TOP5 active on the network:

(Figure 1) December 31-January 6 malicious viruses active on the network TOP5

(2) in the network virus capture, Cncert captured a large number of new network virus files, which by the name of the network virus added 52, compared to last week, decreased by 17.5%; According to the Network virus family statistics no new. Below, we take a look at the top ten Cncert detection of active horse site domain name, active put horse site IP.

(Figure 2) Active horse-TOP10 site domain name

(Figure 3) Active horse-TOP10 site IP

(3) In the network virus transmission, cncert monitoring found in the horse-placing site, through the domain name access to a total of 443, through IP direct access to a total of 146. In 443 of the site domain name, registered in the territory of the number of domain names for 92 (about 20.8%), the number of domain names registered abroad 318 (about 71.8%), unknown registrar of the domestic and foreign information of 33 (about 7.5%). The following figure is the distribution of these site names by the top-level domain, the top three is. com (about 57.8%),. info (about 11.5%),. cn (about 10.4%).

(Figure 4) The top-level domain name of 443 horse-putting sites

In addition, the communications industry, the member units of Internet communications to cncert a total of 5 malicious domain name or IP (after the heavy).

II. website Security

According to the Cncert monitoring data, during the statistical period, the number of tampered sites in the territory was 6,467, up from the chain last week increased by 2%. The number of tampered sites in the territory by type distribution as shown in the following figure, the largest number is still a COM class site. Among them, the Gov type website has 493 (approximately occupies the territory 7.62%), compared to last week the chain increase 1.2%.

(Figure 5) The number of sites tampered with in mainland China

Summary: In the period from December 31 to January 6, China's Internet network Security index overall evaluation as good. No more serious network security incidents were found. However, users need to pay special attention to the need to strengthen the system in a timely manner to repair and reinforce the installation of security protection software. During the internet, do not easily open the network of unknown sources of pictures, music, video and other documents, do not download and install some unknown software, especially some so-called plug-in programs to prevent network virus infection.

Article by China IDC Review Net original edit, original address: http://www.idcps.com/News/20130110/48799.html (if you need to reprint, please specify the source)