A report on spam by e-mail security firm Commtouch Software dubs 2006 the “Year of the Zombies.”
The study found that “zombies,” the name given to computers remotely controlled by hackers, can number up to 8 million hosts globally on a given day. As a result, spam volume increased by 30 percent in 2006, according to the report.
“Spam outbreaks got bigger, faster and smarter during 2006,” Amir Lev, president and chief technical officer for Commtouch, based in Netanya, Israel, said in a statement. “Innovative spammers quickly developed new techniques to bypass common anti-spam technologies and amassed huge zombie botnets. Outbreaks have become so fast, massive and sophisticated that most anti-spam solutions had great difficulty defending against them.”
Zombie activity, the report found, accounts for 85 percent of the spam circulating on the Internet. Multiwave image-spam outbreaks brought spam bloat to 1.7 billion MB per day. eBay and PayPal remain top targets for fraud, their names being used in 50 percent of all phishing attempts, the report said.
Natalie Lambert, an analyst at Forrester Research, said she was unsurprised by the report's findings regarding the prevalence of spam. She added that spamming typically spikes during the holidays, when more e-mails are being sent out by businesses.
The report also found that Internet spammers used globally distributed botnets made up of zombie computers in their attacks. Botnet armies with as many as 200,000 zombies sought out poorly protected computers with fast Internet connections, particularly home broadband users. Commtouch's labs estimated that there are between 6 million and 8 million zombie IP addresses active on any given day. Compromised zombie machines come in and out of circulation constantly; approximately 500,000 new PCs are captured and added to zombie botnets each day. A typical botnet can send 160 million spam e-mails in just 2 hours.
After years of declining success at spam detection, traditional anti-spam methods such as content filtering, heuristics and IP blacklisting were finally overcome this year by sophisticated new spam techniques, Commtouch officials said. Spammers outmaneuvered basic IP blacklists by using heavily distributed botnets, and used images and randomization to help messages slip by conventional anti-spam solutions. According to the report, image spam accounted for 70 percent of the spam bandwidth bulge.
“People felt the flood of spam more intensively in 2006, since many anti-spam technologies have not been able to keep up with the spammers' ever-growing bag of tricks,” Lev said. “As a result of seeing more spam in their inboxes, end users' awareness of the spam problem is becoming increasingly acute, and they are demanding solutions that block the vast majority of spam with a minimum of false positives.”
Editor's Note: This story was updated to include more information from the report.