About 10 million zombie machines send out spam every day

Jul 10, 2008 13:51 GMT

According to the quarterly report recently released by Commtouch, a US-based company that specializes in providing e-mail safety solutions, malware and spam traffic is still at alarmingly high levels, mainly because of the millions and millions of infected machines. The report analyzes the day-to-day evolution of e-mail traffic and keeps a close eye on botnets and zombie machines (infected machines that spread malware and spam without the users' knowledge).

The report states that around 10 million infected machines are detected on a daily basis, and most of them are part of domains such as Telecom Italia, Brasil Telecom and Verizon. Together, these machines generated on average a staggering 77% of all mail traffic detected over a period of three months; the lowest value was 64% and the highest 94%.

It is worth mentioning that Commtouch detects infected IPs when they are activated, but since these are active IPs, they can be activated and deactivated whenever the spammer wants to. The other annoying thing about active IPs is the fact that they are quite good at bypassing spam filters that employ blacklists of static IPs.

The top three most infected domains are ttnet.net.tr, telecomitalia.it and tpnet.pl. All these domains host well over a million zombie machines; the No. 1 ranked ttnet.net.tr is in fact within 200,000 of the 2 million mark.

As for the geographical location of zombie machines, the five most affected countries are Turkey, Brazil, Russia, Italy and India. The US came in at number 9, with China close behind at number 10.

Amir Lev, CTO and President of Commtouch, comments: "Zombie networks or 'botnets' have become so enormous and agile, they are flooding email with increasingly malicious threats. Many technologies attempt to identify and block email from senders known for sending malicious content, but they are not updated rapidly enough to keep up. By the time these lists are updated the threat has shifted to another set of zombies, leaving customers unprotected."