Report: Spamming Soared in 2006By Brian Prince | Print
Updated: E-mail security firm Commtouch says 85 percent of today's spam comes from remote-controlled "zombie" computers.A report on spam by e-mail security firm Commtouch Software dubs 2006 the "Year of the Zombies."
The study found that "zombies," the name given computers remote-controlled by hackers, can number up to 8 million hosts globally on a given day. As a result, spam volume increased by 30 percent in 2006, according to the report.
Natalie Lambert, an analyst at Forrester Research, said she was unsurprised by the report's findings regarding the prevalence of spam. She added that spamming typically spikes during the holiday when more e-mails are being sent out by businesses.
The report also found that Internet spammers used globally distributed botnets made up of zombie computers in their attacks. Botnet armies with as many as 200,000 zombies sought out poorly protected computers with fast Internet connections, particularly home broadband users. Commtouch's labs estimated that there are between 6 million and 8 million zombie IP addresses active on any given day. Compromised zombie machines come in and out of circulation constantly; approximately 500,000 new PCs are captured and added to zombie botnets each day. A typical botnet can send 160 million spam e-mails in just 2 hours.
After years of declining success at spam detection, traditional anti-spam methods such as content filtering, heuristics and IP blacklisting were finally overcome this year by sophisticated new spam techniques, Commtouch officials said. Spammers outmaneuvered basic IP blacklists by using heavily distributed botnets, and used images and randomization to help messages slip by conventional anti-spam solutions. According to the report, image spam accounted for 70 percent of the spam bandwidth bulge.
"People felt the flood of spam more intensively in 2006, since many anti-spam technologies have not been able to keep up with the spammers' ever-growing bag of tricks," Lev said. "As a result of seeing more spam in their inboxes, end users' awareness of the spam problem is becoming increasingly acute, and they are demanding solutions that block the vast majority of spam with a minimum of false positives."
Editor's Note: This story was updated to include more information from the report.