McAfee notes malware becoming localized 26 February, 2008 By Vanessa Ho

"Two years ago we couldn't have this conversation, as 98 per cent of threats globally were written in the English language or targeted at the English language. Contrast that to last month where seven per cent of attacks were not in English. It just really means more and more people around the world are getting attacked in their local language," said Dave Marcus, security research and communications manager at McAfee Avert Labs.

Some of the trends noted in the report, entitled "One Internet, Many Worlds," include sophisticated malware authors have increased country-, language-, company-, and software-specific attacks and that cyberattackers are increasingly attuned to cultural differences and tailor social engineering attacks accordingly. For example, Marcus noted that attackers targeting people in Germany developed spam geared towards specific cultural interests or events such as the 2006 FIFA World Cup.

Additionally, cyber criminals, particularly those in the United States, will recruit malware writers in countries with high unemployment and high levels of education such as Russia and China in order to get them to write malware code in their local language.

"It is going to be difficult for malware writers in the U.S. to write effective malware to target Chinese people. They need someone that speaks Chinese so they get someone local or contract that task out," said Marcus.

Other trends noted include cybercriminals taking advantage of countries where law enforcement is lax and that around the world, malware authors are exploiting the viral nature of Web 2.0 and peer-to-peer networks. Also, more exploits than ever before are targeted at locally popular software and applications.

Geographic trends include the U.S. becoming a great malware melting pot where malware in the country includes elements of malicious software seen around the world.

Marcus said the best defense against these localized attacks is education along with having up-to-date security technology.

"If you are a world traveler you got to be aware that certain parts of the world will experience certain threats that may not be in other parts of the world. I need to be educated so I can take action on it or that I am appropriately protected," he added.

As well, Marcus believed that these localized malware attacks are here to stay and expects the number of attacks to double over the next year.

"It speaks to the fact that more people around the world are coming online and if you really want to steal their identities you have to talk to them in their local language. It is just going to be an even greater problem in the future," said Marcus.