US Hosts the Highest Percentage of ZeuS Command and Control Servers

According to statistics gathered by Trusteer, a provider of secure browsing solutions, the highest number of ZeuS command and control (C&C) servers are hosted in the United States.

The United States is usually at the top of malware charts, either as top hoster, the country with largest number of infected computers or the primary source for spam.

However, giving the major crackdown on ZeuS-related fraud in the US last year and the amount of damage suffered by companies in the country as a result of this banking trojan, one would expect to see a decrease in the number of ZeuS C&Cs hosted there.

Unfortunately, Trusteer reports that almost 40% of the global ZeuS infrastructure is still based in the United States, while Russia hosts 21.6%.

With 5% and 3% of C&Cs on their networks, Go Daddy and ThePlanet are the biggest ZeuS hosters in US, however, are not the top in the world.

The most ZeuS-friendly ISP is the Ukrainian Informex, which accounts for 7% of the world's ZeuS sites. It is followed by Russia-based PE Bondarenko Dimitriy Vladir.

Trusteer's data shows that Eastern Europe continues to be a strong ZeuS-friendly zone, accounting for 32% of all command and control servers.

However, Western Europe countries like Germany (4.3%), United Kingdom (3.5%), the Netherlands (3.5%) are also in the top ten.

Trusteer researchers warn that the number of ZeuS C&Cs are surprisingly rising in Poland, a country that, according to recent statistics, also has the highest number of computers infected with the SpyEye banking trojan.

"More than anything, these detailed statistics show that the `global Internet' is fast becoming highly diversified, but the increasing usage of automated registration and servicing systems on the Internet means that human operator monitoring of hosted systems is become less frequent in those countries with good Internet access," says Amit Klein, Trusteer's chief technology officer.