Where Does Malware Come From?

Malware is a big business. It is one of the consequences of dealing with an open and free Internet. It is also a consequence of a truly worldwide communication network. Where there are people with money, there are criminals waiting to steal it. With the increasing commercial component of the Internet, criminals are finding new ways of making money from unsuspecting Internet users. There are several questions people have about malware. What is it? Where does it come from? And, can it be stopped?

What is Malware?

Malware is a pretty broad term. It encompasses everything from browser hijacks to ad insertions to viruses and Trojans. Basically, any software that is meant to do your computer harm or cause you financial grief can be classified as malware. Just to put the most common forms of malware on a list, here they are:

  • Computer Viruses
  • Ransomware
  • Worms
  • Trojan horses
  • Rootkits
  • Keyloggers
  • Dialers
  • Spyware
  • Adware
  • Malicious BHOs (browser helper objects that aren’t so helpful)
  • Rogue security software

Where Does Malware Come From?

You’d think that most malware would come from criminal associated places where there is little-to-no regulation on the Internet, like Nigeria, but you’d be wrong. The vast majority of malicious software comes from the United States. Here’s a list of where malware comes from, in order of most to least.

  • United States – 34.2% of all malware
  • China – 11.87%
  • Brazil – 10.3%
  • Russian Federation – 6.4%
  • Spain – 6%
  • North Korea – 4.4%
  • Germany – 3.6%
  • Netherlands 3.2%
  • Latvia – 2.4%
  • France – 1.8%
  • Others 16%

Ironically, or maybe not so ironically, the United States is also the number one receiver all malware by a huge margin: 53.7% of all malware connects to the US. The next on the list is China at 24.8%. That number is sure to switch around in the next few years as more and more of China’s 1.5 billion people get online.

Can it Be Stopped?

This is the question people have been asking for years. The answer is not really. As the Internet develops better controls over malware, the criminal organizations keep transforming the malware to get around those better controls. As they say, if you make a smarter law, all you get is a smarter criminal.

The best defense against malware is better education. Most of this software can be avoided by using common sense. For example, ransomware installs a script on your computer that won’t let you do anything unless you pay to have it removed. Almost all ransomware is installed by the users themselves because of clever advertising, not because of some vicious hacking attempt. This means that better education and using common sense can avoid ransomware altogether.

Malware isn’t going away. The only thing that will change in the next decade is where the malware comes from. Instead of the US being the primary hosting provider of all malware, China will take over, with the rest of the world gaining as well. This will happen because of growing economical forces in those countries, and broader access to the Internet.