Europe still top source of spam

European spam networks have pumped out more unsolicited e-mail than those in the U.S. for the third month in a row, according to security vendor Symantec.

Symantec called this a "significant shift" in spam trends as, historically, compromised U.S. computers have been used to send spam, and many spammers have been U.S.-based.

Fredrik Sjostedt, one of Symantec's European product marketing managers, told ZDNet UK on Tuesday that Symantec suspects gangs are taking advantage of the increasing European broadband market.

"The penetration of broadband is tremendous in Europe," Sjostedt said. "We've now clearly overtaken the U.S. in sending spam."

Symantec also believes many spammers are now based in Europe. "Historically the majority of spammers were U.S.-based, but now we're seeing a lot of Eastern European and Russian spam gangs active. Spammers tend to use closer turf as a jump off point," Sjostedt said.

More broadband means compromised computers can send spam faster, while gangs are increasingly becoming organized, said the Symantec manager.

"We've moved away from traditional, individual spammers, to loosely tied groups of spam senders, malware coders, and people selling access to botnets," Sjostedt said.

The largest botnet sending spam originated with the Storm worm, Sjostedt said. Storm is a network of compromised computers with sophisticated attack and defense mechanisms, including "fast-flux" command and control servers, which frequently change location.

"Storm is the most prevalent distribution method" for spam, Sjostedt said. While most spam relays are in Europe, botnets are global phenomena, he pointed out.

Tom Espiner of ZDNet UK reported from London.

[hadaso]

Zombies are everywhere

If Europe has more zombies it just means it has more computers online so more of them are infected. Spammers everywhere use zombies everywhere they can be found, not just zombies in their own region.<br /><br />The fact that the zombies are located in one country or another and the fact that the people controlling these botnets of zombie PCs are located in some other country shouldn't matter too much. The people that hire their service are usually sending their advertising to recipients in the same country they live in. They hire services from those who steal them (use of compromised PCs to have someone else pay for the hardware and network resources used for sending, and use of fake sender credential to have someone else pay for the handling of returned mail) and the fact that they hire and pay for these services should be enough to accuse them and punish them for these crimes.<br /><br />For some strange reasons law authorities accept it as normal that organizations can hire these services from unreachable parties, give those parties money as payment for committing crimes and go clean because somehow only those unknown people in other jurisdiction are liable. If someone in country A hire the services of someone in country B to commit crimes against owners of computers in countries C and D to send spam to recipients in country A the party in country A that benefits from the hired services should be punishable in country A for the crimes committed. They are the ones who are causing the crimes to be committed. The viruses are spread to serve them in return for their money. So it doesn't matter if the botnets and their operators are located in Europe, the US, the far east or wherever. Those who hire them are located where they can be found by reading their ads and should be punished for knowingly buying these services. It is quite well known nowadays that most spam is being sent by breaking into computers and stealing their resources, and those who hire such services should be required to avoid these methods.

[hassan_bin_sober]

Spamski

The Russians are ******* Zhopa morons anyway!

[wbenton]

Since When?

Last time I checked, the US was #1 with China following a close 2nd.<br /><br />So since when did Europe gallop in front of both China and the US to take the lead?<br /><br />What sources back that up?<br /><br />Walt

[ferretboy88]

russia=trash

Russia is the number 1 kiddie porn place. What a bunch of scumbags.

[RDP_Home]

ICANN rules are the reason for SPAM

SPAM would be significantly reduced if some guidelines for Domains were enacted.<br />1. Allowing someone to register 100 domains makes SPAMMING easy.<br />2. Allowing someone to register 100 domains with fake information and giving them 15 days to correct the "errors" makes SPAMMING easy.<br />3. Allowing someone to register 100 domains with fake information for web addresses and 100 domains for Name Servers with fake information makes SPAMMING easy.<br />4. Allowing someone to register multiple domains and allowing them to send email from one network, host the domain (or hijack a server) on another network, and hide the Name Servers on another network makes SPAMMING easy.<br />5. Make Registrars verify registration information (not just the credit card payment) BEFORE they activate the domain. And make them responsible for the use of that domain!<br />6. Giving a customer absolute control over the name servers makes it easy for them to move the site selling fake Viagra on a daily basis. A domain name server should have the same name as the website and pointers should not be easily changed by the customer.<br />7. The process should be: Register a domain; buy a block of IP addresses; build an email server; build a web server. If you can't do that then you have no legal business on the Internet!<br /><br />A legitimate ebusiness does not need to register multiple domains and does not need to move those domains on a daily basis. Legal eBusinesses would not suffer from restricted rules; but the SPAMMERS would and the get-rich-quick artists would as well. Thank you; but you are not needed on the Internet.<br /><br />The liberal rules of domain registration need to be changed. It is obvious that what was meant to be an open process has become a master key to the Internet criminals. They are simply "ab"-using the freedom they have been given. For this reason, those rights need to be restricted.

[Seaspray0]

I am in agreement with RDP_Home. So, who runs ICANN? It's an international organization made up of members from around the world; they bicker, complain and do little to make the internet better. After seeing how badly they've botched the rules and made it easy for spammers, I'm also in total agreement that the USA should not turn over control of the world's DNS to ICANN.