According to a report released Monday by antivirus company Sophos, China--including Hong Kong--hosted 44.8 percent of the world's infected sites in August. The U.S. ranked a distant second, hosting 20.8 percent of sites that contain malicious code.
The number of infected Web pages has also grown. Sophos said it detected an average of 5,000 new infected pages each day in the month of August.
The company warned that simply staying clear of sites hosted in the top three countries of China, the U.S. and Russia is not an effective method of avoiding malware.
"Hackers are hijacking Web sites around the world to make them point to malware on sites based in China, the U.S. and Russia," Carole Theriault, Sophos senior security consultant, said in a statement.
Sophos also warned about a sharp rise in spam pointing people to these infected sites. Malicious senders, in an attempt to bypass attachment virus scanners, are using messages that direct people to Web sites with malicious code. Computers get infected when people click on the links in the e-mail message.
"Most malware writers...are using spam and the Web to infect users," Theriault said. "Criminals are hard at work trying to slip past filters at the corporate gateway."
June saw a spike in spam hosted on Chinese domains, when the figure rose from almost zero to 450 spam domains.
Victoria Ho of ZDNet Asia reported from Singapore.