Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cameroon the New Hotbed of Malware

Posted by samzenpus on from the none-more-infected dept.

garg0yle writes "According to McAfee, more than a third of Cameroon domains (TLD of .cm) are infested with viruses or other not-so-fun party treats. Given that it's very easy to mis-type .com as .cm, this puts the computers of a lot of fat-fingered typists in peril. Second place on the most-infested domains list goes to China (.cn), while Hong Kong (last year's 'winner') is now comfortably middle-of-the-pack."

17 of 92 comments (clear)

  1. Wouldn't it be safer to... by Antony-Kyre · · Score: 3, Insightful

    to just block the whole Net? That way, you can't visit any website, thus avoid all websites hosting malware. Either that or have a patched, updated browser, and use smart surfing habits.

    1. Re:Wouldn't it be safer to... by mysidia · · Score: 5, Insightful

      Blocking .cm can be a helpful step, because it blocks a portion of the hostnames that (A) if you visit has a very high probability of infecting you, and (B) that an intentional visit to is unlikely.

      So you can block .cm with a notable increase in safety, with a minimal decrease in usefulnes of your internet access.

      The same could not be said of blocking the whole net. Blocking the whole net reduces the utility of your network connection, since it means you can no longer navigate to the sites that you do want to, with high probability.

  2. .com default by feedayeen · · Score: 3, Informative

    Most modern browsers insert .com automatically if no top level domain exist in the URL.

  3. I am Naga Eboko, exchange student from Cameroon. by fucket · · Score: 4, Funny

    Beef jerky time.

  4. No, I don't think it is by 93+Escort+Wagon · · Score: 3, Interesting

    Given that it's very easy to mis-type .com as .cm, ...

    I can safely say I've never done this. I've made other errors - such as ending up in Estonia's (.ee) web space on occasion, since I work in an electrical engineering department. But I can't believe leaving out the "o" from ".com" is particularly easy or at all common.

    Now if you wanted to talk about Colombia (.co) being a frequent typo for .com domains, then I might find it more believable. I have done that on rare occasions.

    --
    #DeleteChrome
  5. Re:Mistype by DavMz · · Score: 5, Funny

    I have n "" letter n my keybard, yu insensitive cld!

  6. Yes, but... by InspectorxGadget · · Score: 4, Funny

    ...they make those delightful coconut cookies. I think we can forgive them.

    1. Re:Yes, but... by Opportunist · · Score: 5, Funny

      Hate to break it to you, but those ain't coconut cookies that they sent to your browser...

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  7. Re:Mistype by Anonymous Coward · · Score: 5, Informative

    what about .co, .con, .om?

    .co is Colombia, .om is Oman, but .con doesn't exist.

    They don't seem to be high risk websites.

    What is "they" in that sentence, or did you mean "TLDs" instead of "websites"?

    I also wonder whether slashdot.og is infested with viruses.

    .og doesn't exist. You might want to consult a list of TLDs before you ask a bunch of "what about" questions. Or install a robust browser and try to load the url instead of just wondering about it.

  8. Re:Mistype by jrumney · · Score: 4, Informative

    It depends on the policies of the registrar for those top level domains. Some countries allow free for all registration of domain names, others restrict registration to local companies and citizens only. Also many country tlds require specific sub-domains such as .com.co, which reduce the usefulness of those domains for typo-squatters.

  9. Re:Auto-Correcting Domains by MichaelSmith · · Score: 4, Funny

    I knew a guy called Teh but unfortunately Microsoft tools auto correct that to The.

    --
    http://michaelsmith.id.au
  10. Re:Mistype by grcumb · · Score: 4, Informative

    While I can believe that .cm is a mistype for .com, what about .co, .con, .om? They don't seem to be high risk websites. I also bet that .con is a more common mistype than .cm

    It hardly matters. What many of the press reports (including El Reg) seem to ignore is the second most risky TLD in the world: .com.

    I'll bet you dollars to donuts that, because of the size and popularity of the TLD, .com is significantly more of a threat to the average Internet user than .cm.

    And while we're at it, how about a link to the actual report? (warning: PDF)

    --
    Crumb's Corollary: Never bring a knife to a bun fight.
  11. OpenDNS has an option to fix this by robbak · · Score: 3, Informative

    Opendns has an option to automatically 'correct' .cm requests to .com, which I always turn on. If Cameroon does not want people doing this, then it would have to police it's domain closely, instead of using it as a cash cow.

    --
    Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
  12. Re:Mistype by Anonymous Coward · · Score: 3, Funny

    .CONNNNNNNNNNNNNNN!!!!!!!

  13. In any case... by BrokenHalo · · Score: 3, Insightful

    In any case, if (as the article claims) one third of Cameroon domains host malware, the implication is that two thirds don't. I would be very curious to know what percentage of US domains host malware.

    Regardless of the answer, the appropriate response is to use a robust browser and block individual sites, not block out whole nations. Otherwise one might just as well move to China.

  14. To that I'll add by Sycraft-fu · · Score: 3, Informative

    That different nations treat their TLDs differently. Some sell them to anyone who wants one. You can register them as long as you are willing to pay whatever fee it is they ask. The .tv domain is one such domain. Others make the domains available, but only to people or organizations that meet certain requirements like citizenship. Canada (.ca) would be one like that. Any Canadian can have a .ca domain if they are willing to pay for it, but non-Canadians can't buy one. Still others only use their domain for government or internal functions. The .us domain was like that at one time. You could get it only as an entity like a county government or a high school or something (it is now open for registration). Finally some countries simply don't do anything with their TLD, it just isn't used at all and there's no way to get it.

    So just because a TLD exists, doesn't mean it can be used for any given purposes.

  15. Re:Auto-Correcting Domains by Tynin · · Score: 3, Insightful

    Maybe because it is a world wide web, and some people who live in the US may not have as limited of interests as you?