McAfee's "Q4 Threats Report", issued today, shows that China is not the sole origin for zombie computer hacking attacks at the same time as Chinese authorities trumpet the arrest of a hacking gang.
Mike Gallagher, senior vice president and chief technology officer at McAfee Labs, stated: "China emerged as the worldwide leader in both zombie production and the execution of SQL-injection attacks, while Internet-based attacks played a bigger role and will continue to do so as cybercriminals target the most popular social destinations in 2010."
According to McAfee, zombie production in the U.S. dropped significantly from 13.1% in the third quarter to 9.5% in fourth quarter, making China the top of Zombie-producing country at 12%. Brazil ranked third, with Russia and Germany rounding out the top five countries. Although SQL-injection attacks originate from a number of countries across the globe, China was by far the number one country hosting these assaults at 54.4%. Due to the growing popularity of Adobe applications, McAfee Labs saw a number of client-targeted attack attempts to exploit Flash and Acrobat reader.
Police in Hubei province in China have recently taken down the Black Hawk Safety Net, a hacker training website that publicly provides illegal computer programs to its members. After about six months of investigations, the police sealed Black Hawk Safety Net, arrested three of its main suspects, froze more than CNY1.7 million in funds involved and confiscated nine severs, five computers, a Honda Accord car and related certificates.
Reportedly the largest hacker training website in China, Black Hawk Safety Net publicly offered various hacking technology services and provided thousands of trojan horse software applications to its paid members. Since 2005, the website has recruited more than 12,000 paid members and 170,000 ordinary members.
This is the second major case that Hubei police have identified since the Worm.WhBoy case was uncovered in 2007.