June 25, 2008 -- (WEB HOST INDUSTRY REVIEW) -- When "badware" researcher Stopbadware.org (stopbadware.org) released a report on Tuesday identifying the top countries and networks responsible for hosting what it describes as "badware," it identified Google as the largest source outside of China.
Level 1 PCI DSS Certified Service Provider! DataPipe delivers the best network & support; top tier data centers; New York metro, Silicon Valley, London, Hong Kong, Shanghai. DataPipe - Personal Touch, Global Reach.
The report, which describes "badware" as "spyware, malware, and deceptive adware," identified Google as the fifth largest host, and the top US host, with 4,261 infected sites. Other US hosts identified included SoftLayer (softlayer.com) and The Planet (theplanet.com), with 3,507 and 3,166 infected sites, respectively.
The rate of infection at SoftLayer and The Planet, both major providers of unmanaged dedicated servers, is likely the result of the large reseller presence at both companies.
"SoftLayer and ThePlanet.com offer data center services and/or dedicated, self-managed hosting," says the report, "indicating that they do not control the content of many systems operating on their networks. Both companies, however, have acceptable use policies for their customers and have expressed an interest in investigating potential violations of these policies."
Google, which was not present in the organization's findings in 2007, has become more of a source as online criminals have turned to its Blogger service to host their malicious content. According to Stopbadware.org, Blogger has become more popular because the service is free and enables users to include malicious links or in some cases malicious code.
Stopbadware.org, which is sponsored in part by Google, and which uses raw data collected by Google to produce its reports, includes a bit of a Google apologist note at the end of the report, saying Google "tells StopBadware.org that when a Blogger site is identified as badware by their Safe Browsing initiative, the site is immediately reported to Google's Blogger group and the site is disabled."
But critics of Google say the infection problem runs deeper. A PCWorld report says security experts note the security problems at Google have been known for several years, and the company has yet to take a significant step toward solving them.
The article quotes Robert Hansen of security consultancy SecTheory.org as saying Google could make changes to Blogger that would cut down on malicious applications, but hasn't because those steps might limit the functionality the service offers to honest users. Hansen offers MySpace as an example of an extremely popular free service that doesn't have nearly the security problems of Blogger.
The bulk of the report discusses the distribution of badware by country, with 52 percent of the Internet's badware originating in China, 21 percent in the US and no other country hosting more than 4 percent of the sites.
A chart from the report showing the geographic distribution of sites infected with badware.
Of the top 10 hosts list, six are located in China, including the top four. Stopbadware.org says that while it is a significant contributor, the US's rate of infection is proportionally average.
The report doesn't identify a reason for China's disproportionate contribution, although it hypothesizes that "part of the reason for this could be the lack of economic incentives for Chinese hosting providers and site owners to inform their users of infected sites and/or to take action to clean or remove these sites."
