The biggest spammers
In January Trend Micro had reported a largereduction of spam volumes after some of main botnets were removed:
[T]he number of spam constantly decreased in the middle of March 2011, following the decline during the 2010 holidays. Our researchers believe this could be attributed to the Rustock takedown. They developed a signature to identify spam originating from the botnet and found that in an hour after its takedown, the amount of traffic matching Rustock’s signature dropped by 99.97 percent.
The Rustock takedown severely reduced the spam volume close to the lowest number we previously recorded during the 2010 holidays. This shows that the overall spam volume on a monthly basis fell by about 40 percent compared with the highest number in October 2010. Before the plunge in December 2010, the spam volume remained relatively stable with little growth variations throughout the first half of 2010. Though the plunge appeared counterintuitive, considering the usual surge that takes advantage of the holiday online shopping spree, the low spam volume could be attributed to a decline in Rustock’s activity. Because the spambot accounts for half of the overall spam volume, a decline in its activity automatically produced noticeable results.
The current state will eventually change, especially as spammers now focus on creating more targeted messages, aiming for “quality over quantity.”
The report went on to say that after the Rustock takedown no single country dominated the spam traffic, but India and Russia were jointly the top spammers with about 8% of the global spam originating in each, while 7% of the global spams being sent out from the USA.
Today, NDTV reports a worrying trend:
Twenty per cent of the spam mails that were sent out worldwide in the quarter ended March 31, 2012, originated in India, according to a study by security software firm Trend Micro.
“The quarter’s top spam-sending countries included India at 20 per cent, Indonesia at 13 per cent, South Korea at 12 per cent and Russia at 10 per cent,” the report said.
The report added that attacks are now more of a long-term, on-going campaign, versus the typical ‘smash-and-grab incidents’ favoured by cybercriminals in the past.
“The number of targeted attacks has dramatically increased. Unlike largely indiscriminate attacks that focus on stealing credit card and banking information associated with cybercrime, targeted attacks noticeably differ and are better characterised as ‘cyber espionage’,” Trend Micro Country Manager India and SAARC Amit Nath said.
The report said cybercriminals are also capitalising on the growth of Android-based smartphones and this quarter’s report identified about 5,000 new malicious Android apps
Indian PC and smartphone users are notoriously lax about security, often sending passwords in cleartext over mail. Is this new trend an indication that zombie networks are spreading across India?