Global spam levels continue to increase, almost unabated
February 22, 2010
Last week, Internet security firm Message Labs performed its annual security study and found that the already high levels of spam reached almost 88 per cent of all email traffic during last year, with highs and lows of over 90.3 percent in May and well over 73 percent in February, respectively.
Overall email spam levels grew even further compared to the almost 82 per cent spam rate recorded by MessageLabs in all of 2008.
"Today, e-mail spammers have re-engineered malware software to make it less vulnerable to ISP disruption... Trojans and spam bots used to be hard coded with an IP address but now they use domain name rotation using "fast flux" to calculate next domain or P2P techniques. As a result of all this, command and control channels are now more resilient than ever, and this is what is the most troubling to the Internet community," said Paul Wood, MessageLabs Intelligence senior analyst at Symantec.
MessageLabs, an Internet and email filtering service owned by Symantec since May 2009, reports that no less than ten heavyweight botnets, including Cutwail, Rustock and Mega-D, control a combined zombie hoard of at least five million compromised computers.
Not only that, but Cutwail was the worst of the lot and was the first one to be singled out by MessageLabs for close to a third of all global spam or more than 8,480 billion junk mail messages between April and November of last year.
Compromised (read: zombie) computers accounted for well over 80 percent of an estimated global volume of 107 billion junk e-mail messages sent out every day last year.
The shutdown of botnet-hosting ISPs - such as McColo in late 2008 and Real Host in August 2009 - has forced spammers to re-engineer botnets so that the reins of command and control system can be picked up within hours, instead of the weeks of confusion that followed the McColo shutdown.
The global credit crisis, world events and news stories provided the themes of many junk mail runs and malware attacks during 2009. Malware writers were quick to seize on interest generated by the swine flu epidemic and deaths of celebrities, including singer Michael Jackson and actor Patrick Swayze, for example.
In all, MessageLabs successfully managed to stop more than 21 million different types of e-mail spam campaigns last year, more than twice the number recorded in 2008. It also logged a 23 per cent increase in malware variants between 2008 and 2009.
MessageLabs analysts blame the wider availability of malware creation toolkits for most of the increase, they said.
Last year, the now infamous Conficker worm haunted the threat landscape most of the time. An estimated 6 million compromised computers are infected by that malware. But this vast cybercrime resource has remained mostly dormant throughout the year, possibly because the hackers who created it were far more successful than they originally intended and know anything they do with the super-botnet now is likely to bring in a great deal of unwelcome attention!
Overall, the Cutwail spam bot was also used often to send out spam email contaminated with infected attachments carrying the Bredolab Trojan dropper, disguised as an innocent zip file. Computers infected with Bredolab were also used to run botnet agents or spyware on compromised machines.
Spam runs promoting Bredolab-infected messages rose steadily throughout all of last year to reach an October peak of over 3.62 billion Bredolab contaminated emails.
But the average viruses in some spam emails decreased to one in 286.4 emails (0.35 percent) in 2010, compared to one in 143.8 emails (0.70 percent) in 2009.
MessageLabs explains the drop by suggesting that virus authors are putting out a greater number of malware variants, but using smaller virus-contaminated spam runs with each strain.
For all of last year, the average number of new malicious websites blocked each day by MessageLabs rose to 2,465, compared to 2,290 for 2008, an increase of 7.6 per cent.
But about 81.3 percent of the Web threats blocked by MessageLabs came from malicious code planted on legitimate domains, rather than new domains set up purely to promote malware. The volume of phishing attacks blocked by MessageLabs was one in 325.2 (0.31 percent) emails for last year, compared to one in 244.9 (0.41) in 2008, so there was a bit of progress done there as well.
Even though global spam levels appear to have dropped a bit in 2009, there's still no question that it still remains a big problem, and one that ISPs and hosting companies are still fighting with improved technology and better tools.
Source: Message Labs.
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing