February 6, 2008 6:40 AM PST
Europe still top source of spam
- Related Stories
Cracking open the cybercrime economyDecember 14, 2007
Security expert: Storm botnet 'services' could be soldOctober 16, 2007
'Storm worm' rages across the globeJanuary 19, 2007
Europe calls for concerted fight against spamNovember 28, 2006
- Related Blogs
Spam continues to increase, Symantec says
February 5, 2008
Phishers now leasing the Storm worm botnet
January 9, 2008
Storm worm rivals world's best supercomputers
September 7, 2007
Symantec called this a "significant shift" in spam trends as, historically, compromised U.S. computers have been used to send spam, and many spammers have been U.S.-based.
Fredrik Sjostedt, one of Symantec's European product marketing managers, told ZDNet UK on Tuesday that Symantec suspects gangs are taking advantage of the increasing European broadband market.
"The penetration of broadband is tremendous in Europe," Sjostedt said. "We've now clearly overtaken the U.S. in sending spam."
Symantec also believes many spammers are now based in Europe. "Historically the majority of spammers were U.S.-based, but now we're seeing a lot of Eastern European and Russian spam gangs active. Spammers tend to use closer turf as a jump off point," Sjostedt said.
More broadband means compromised computers can send spam faster, while gangs are increasingly becoming organized, said the Symantec manager.
"We've moved away from traditional, individual spammers, to loosely tied groups of spam senders, malware coders, and people selling access to botnets," Sjostedt said.
The largest botnet sending spam originated with the Storm worm, Sjostedt said. Storm is a network of compromised computers with sophisticated attack and defense mechanisms, including "fast-flux" command and control servers, which frequently change location.
"Storm is the most prevalent distribution method" for spam, Sjostedt said. While most spam relays are in Europe, botnets are global phenomena, he pointed out.
Tom Espiner of ZDNet UK reported from London.
7 commentsJoin the conversation! Add your comment