McAfee report reveals the most dangerous web domains
by Daniel Whitcomb 
Jun 8th 2008 at 11:00AM
In an era where clicking on the wrong link while browsing the web could mean your account will get hacked, and one of your guild members clicking on the wrong link means your guild bank could get emptied as well, it's always good to protect yourself and keep abreast of web security issues.
In that vein, it's worth checking out a new report released by McAfee called Mapping the Mal Web Report Revisited. It tested 9.9 Million websites in 265 domains to find out which ones had a higher risk of exposing visitors to malware, spam, and malicious attacks via a red, yellow, and green system.
If you're a common browser of the WoW General Forums, you're well aware of the constant barrage of keyloggers that show up far more quickly than Blizzard can shut them down. You might have also noticed that many of them come from the .cn (China) domain. It may not be completely your imaginations, as McAfee's testing reports that 11.8% of all .cn domains are full of bad stuff. It actually only came in second, behind the .hk (Hong Kong) domain. 19.2% of .hk websites came up with a red or yellow alert. Both .hk and .cn surpassed last year's most risky domain, .tk (Tokelau), which had a 10.8% rate of risky sites in the 2007 report (and has only a 1.43% rate this year). Even generic domain types got in on the action. 5.26% of .com sites tested red or yellow, as did 11.8% of all .info sites.
As far as outright malicious exploit code goes, that is, code that will automatically install itself on your computer just for opening the site, McAfee reported that just 0.0717% of sites had that type of code. The Romanian domain .ro ended up one of the most risky in that category, with 1.1% of .ro sites having malicious code. Still, clickable downloads with viruses and spyware were still at a much higher 4.7% of all sites, compared to 3.3% of all sites last year.
Again, you can read the full report here. It has tons of breakdowns on the various risk factors by region, by risk type, and more. Certainly, however, the biggest conclusion you can draw from this report is that it's a jungle out there, and it's only getting worse. Be sure to protect your account and be careful of what you link. Use Firefox and browser extensions such as No Script and Adblock Plus to browse if you can, make sure to keep Flash updated, and check WoW Insider's articles on avoiding keyloggers, protecting your account, and more.
[via Yahoo! News]
Filed under: Analysis / Opinion, News items, Account Security
Reader Comments (Page 1 of 1)
Introit Jun 8th 2008 11:11AM
*Cue intense Firefox vs. IE/Windows vs. Mac debate*
jbodar Jun 9th 2008 2:40PM
All too true. Now what side are you on? That way we can flam- I mean, have a well-reasoned debate with you.
Varus Jun 8th 2008 11:14AM
"Use Firefox and browser extensions such as No Script and Adblock Plus to browse if you can"
Not often you see blogs recommend that since it cuts to their profits, props for WoW Insider on being honest and not greedy.
Good piece of advice, everyone should take it.
Ametrine Jun 8th 2008 12:54PM
Well, not everything has to be about "must have more moneys!!1!", you know.
jbodar Jun 9th 2008 2:41PM
You can disable AdBlock for certain sites, with a couple clicks.
jaenicoll Jun 8th 2008 11:30AM
I have never understood why Blizzard haven't implemented an extra security process to the log on screen like the banks have. You know, the one which asks you to select the 3rd, 5th and 2nd letters from the alphanumeric listing. This security measure would wipe out 99.9% of WoW key logging overnight.
Of course, that would require us all to register a phrase or a second password but who wouldn't be willing to do that?
Kalnn
Eternalpayn Jun 8th 2008 12:07PM
A second password would just as easily be keylogged.
And those messed up letters? They're often beyond the point of readability, and I don't wanna try at some damn letter combination 10 times in one night, making me late for a raid.
Killah Jun 8th 2008 12:28PM
Of course, Eternalpayn, you'd be able to turn this function off if you find it unsuitable.
jaenicoll Jun 8th 2008 12:48PM
For clarification, its not the messed up letters I was referring to but rather the system that requires you to selct a letter from a pulldown menu ie no logger can detect it because it is a selection and not a keystroke.
qoa Jun 8th 2008 2:50PM
If they started using those, while they do seem secure, I'd quit wow. Ever done the Rapidshare ones?
Eternalpayn Jun 8th 2008 5:11PM
Killah, if it could be disabled, they'd just keylog you then disable it.
Jaenicoll, that kind of thing would be keyloggable too, seeing as they can just interfere with the data you send to Blizzard's servers.
Despino Jun 8th 2008 1:02PM
I use KeePass. I never type my password. Don't even know what it is!
Ruva Jun 8th 2008 1:18PM
Not to mention, Flashblock ftw.
Nonsense Man Jun 8th 2008 1:30PM
In another MMO I played Maple Story there was a third piece of information you had to enter. It was the pin it consisted of 4 numbers. When you entered it there was a picture of a keyboard where 0-10 would randomly pop up on the keyboard when you clicked on a number they all rearranged randomly. I would be fine with that. Also I think requiring a password to enter the guild bank could be another option to the Guild Master.
Sirg Jun 8th 2008 1:31PM
You can get infected browsing any domains easy if you don't know how to avoid malicious content. Unfortunately these days, the Internet is a risky place, and many WoW players don't have a clue of how to operate a computer outside of playing WoW. Some don't even know how to install addons.
I think that operating a computer is same with driving a car - you have to know how.. because if you don't, you'll have a crash or something.
McAffee, just wants to sell more of its products so they are scaring people to buy their antivirus :)
Theserene Jun 8th 2008 3:51PM
Having had 2 of our guild members get their accounts hacked due to keyloggers and then act amazed when I told them that yes, such things often DON'T show up on a virus scan, I agree more education is needed. (They asked to be reinstated into the guild before they had even got rid of the infection...they honestly thought it couldn't happen twice)
It just requires common sense. I don't download executables unless I am 100% sure of them (no auto-updaters for my add-ons) and I run script blocking in damn near paranoid mode.
Mind you, I don't run Macafee. AVG for the win :)
syrensilly Jun 8th 2008 3:22PM
go avast..it's free ;) I also have noticed less problems with it than mcaffee or norton. THat and spybot is a nice free option that works quite well. (And ofc Firefox)
Amok2006 Jun 8th 2008 6:48PM
China and Hong Kong servers do not store logs for more than 24 hours in most cases, making any cyber investigation impossible to backtrack.
As for going with another AV client other than McAfee, don't. Why? Because while you can kill the background process and disable firewall/av clients, McAfee uses a trick to stay and operate in memory where it can't be pushed out. No, its not 100% perfect, but I've worked with groups of 4 people who can take over 30 computers in less than 20 minutes...and they had firewalls and av clients. Watching them work shows that nobody is safe.
You can however thwart a lot of things. Having McAfee works well. Having Pharonics Deep Freeze installed is nice as well.
Try checking out writeups of professional white-hat groups, red teams, and security sites that DO NOT belong to a magazine publisher. I read up on Edward Skoudis. He is one of the top notch in the world and used by big name firms. You can also buy his books online (Counterhack) and take classes from him (Hacking) via SANS.org. Imagine a 4 year-old at Christmas. Now, bottle that excitement for 12-16 hour days of talking about hacking and using the tools. Thats Ed.