• silicon.com
• Technology
• Security

By Tom Espiner, 7 February 2008 09:00

NEWS

European spam networks have pumped out more unsolicited mail than the US for the third month in a row, according to security vendor Symantec.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

The security vendor called this a "significant shift" in spam trends as, historically, compromised US computers have been used to send spam mail, and many spammers have been US-based.

Fredrik Sjostedt, one of Symantec's European product marketing managers, told silicon.com sister site ZDNet.co.uk that Symantec suspects gangs are taking advantage of the increasing European broadband market.

Sjostedt said: "The penetration of broadband is tremendous in Europe. We've now clearly overtaken the US in sending spam."

Symantec also believes many spammers are now based in Europe. "Historically the majority of spammers were US-based but now we're seeing a lot of Eastern European and Russian spam gangs active. Spammers tend to use closer turf as a jump off point."

More broadband means compromised computers can send spam faster, while gangs are increasingly becoming organised, said the Symantec manager.

Sjostedt said: "We've moved away from traditional, individual spammers, to loosely tied groups of spam senders, malware coders and people selling access to botnets."

The largest botnet sending spam is Storm, said Sjostedt. Storm is a network of compromised computers with sophisticated attack and defence mechanisms, including "fast-flux" command and control servers, which frequently change location.

He said: "Storm is the most prevalent distribution method [for spam]." While most spam relays are in Europe, botnets are global phenomena, Sjostedt pointed out.