Security firm Sophos has published its latest report on the top twelve spam relaying countries throughout the third quarter of 2006. This report notes that the US remains at the top of the list, having extended its lead since the last ranking.
Ranked second, China has managed to decrease the amout of spam it relays by nearly seven percent since last quarter. Sophos experts suggest that United State's dramatic lead ahead of the bulk of the list is due to the emergence of more than 300 Stratio worm strains. The mass-spammed worm, also known as Stration or Warezov, is dependent on the victim speaking English as it attempts to convert innocent PCs into members of a spam botnet.
The top twelve spam relaying countries from JUly to September 2006 are :
- United States (21.6%)
- China (inc. Hong Kong) (13.4%)
- France (6.3%)
- South Korea (6.3%)
- Spain (5.8%)
- Poland (4.8%)
- Brazil (4.7%)
- Italy (4.3%)
- Germany (3.0%)
- Taiwan (2.0%)
- Israel (1.8%)
- Japan (1.7%)
- Others (24.3%)
The company noted that most hackers attack through unsolicited email, sent through a zombie PC, which is a set of computers that become spam-spewing bots when infected with Trojans, worms and viruses.
In the past, hackers had relied on vulnerabilities in the operating system to convert clean machines into Zombies, however, recently we have witnessed the resurgence of malware in this process. Hackers are using it to trick users into running malicious code and opening the backdoor of the network to vulnerabilities.
Sophos's research indicates that the UK has dropped out of this quarter's dirty dozen list, taking 13th position, while Israel has entered for the first time at number 11.
The Q3 breakdown of spam relaying by continent follows:
- Asia (34.1%)
- Europe (31.9%)
- North America (24.2%)
- South America (8.3%)
- Africa (1.0%)
- Australasia (0.5%)
Currently accounting for nearly 40% of all spam, emails containing embedded images continue to rise, with the vast majority fueling pump-and-dump stock scams. The use of images, static and animated, gives spammers a better chance of bypassing threat detection as images can successfully navigate past anti-spam filters that only analyze text. Spammers also layer images in a single email, thus creating "noise" that aids in avoiding detection.