malware

Symantec finds China top source of malware

More malware is now coming out of China than from any other country, according to a new report from Symantec.

The United States still leads the world in the number of malware attacks sent from mail servers. Symantec’s report (PDF) found U.S. mail servers responsible for distributing 36.6 percent of all global malware in March, followed by China at 17.8 percent and Romania at 16.5 percent.

Symantec captured these results by analyzing the IP addresses of sending mail servers. The company uncovered a large amount of malware from the United States in large part because many Web-based e-mail services, such as Gmail and Yahoo Mail, are hosted in the U.S.

Millions of users open spam emails, click on links

How many users open spam emails, click on the links found within, and open attachments intentionally? Why do they do it, and whom do they hold responsible for the spread of malware and spam in general, while conveniently excluding themselves?

A newly released survey from the Messaging Anti-Abuse Working Group (MAAWG), summarizing the results of the group’s second year survey of email security practices, offers an interesting insight into the various interactions end users tend to have with spam emails.

Huge ‘botnet’ amputated, but criminals reconnect

The sudden takedown of an Internet provider thought to be helping spread one of the most promiscuous pieces of malicious software out there appears to have cut off criminals from potentially millions of personal computers under their control.

But the victory was short-lived. Less than a day after a service known as “AS Troyak” was unplugged from the Internet, security researchers said Wednesday it apparently had found a way to get back online, and criminals were reconnecting with their unmoored machines.

Cracking Down on Botnets

Botnets – networks of compromised computers controlled by hackers known as “bot-herders” – have become a serious problem in cyberspace. Their proliferation has led some to worry that the botnet problem is unsolvable. Under the control of a hacker or group of hackers, botnets are often used to conduct various attacks ranging from denial of service attacks on websites, to spamming, click fraud, and distribution of new forms of malicious software.

At Microsoft, we don’t accept the idea that botnets are a fact of life. We are a founding member of the Botnet Task Force, a public-private partnership to join industry and government in the fight against bots. Given the recent spread of botnets, we are getting even more creative and aggressive in the fight against botnets and all forms of cybercrime. That’s why I’m proud to announce that through legal action and technical cooperation with industry partners, we have executed a major botnet takedown of Waledac, a large and well-known “spambot.” The Wall Street Journal has a story on the case today (subscription required).

The concept of a botnet can be difficult to grasp. The infographic below explains how these nefarious programs work by hijacking thousands of computers, usually without their owners’ knowledge.

‘Aurora’ Attacks Still Under Way, Investigators Closing In On Malware Creators

The targeted attacks that hit Google, Adobe, and other U.S. organizations are still ongoing and have affected many more companies than the original 20 to 30 or so reported by Google and others.

Security experts who have worked on forensics investigations and cleanup of the victim organizations from the attacks that originated out of China say they are also getting closer to identifying the author or authors of the malware used to breach Google and others.

“The attack called Operation Aurora is larger than just [the attacks acknowledged at the] 30 companies. That attack is still in operation and is much larger,” says Greg Hoglund, founder and CEO of HBGary, which today published a report on Operation Aurora that recaps where things stand with the investigation.