Zombie computers on the Internet

Verizon, Telecom Italia, and Brasil Telecom Top the Zombie Charts in Commtouch Second Quarter Trend Report
see also Commtouch Q2 2008 Email Threats Trend Report

Commtouch® today released its second quarter 2008 Email Threats Trend Report, based on the automated analysis of billions of email messages weekly. The report examines recent trends in email threats, especially the role of millions of dynamic zombie computers actively sending spam and malware every day.

Highlights of the report include:

* Top domains with the most infected machines (aka zombies) based on Commtouch Labs research include: Telecom Italia, Brasil Telecom, and Verizon
* Spam levels throughout the second quarter averaged 77%, ranging from a low of 64% to a peak of 94% of all email towards the end of the quarter
* 10 million zombie IP addresses are active each day, on average
* United States drops to 9th place in number of zombies globally. Turkey is #1 with 11% of all zombies
* Pharmaceutical spam is the most popular topic, comprising 40% of all spam
* Phishing scams took advantage of higher education community, as well as Google adwords users
* Spammers experimented with vertical display in Chinese-language spam

“Zombie networks or ‘botnets’ have become so enormous and agile, they are flooding email with increasingly malicious threats,” said Amir Lev, Commtouch’s chief technology officer and president. “Many technologies attempt to identify and block email from senders known for sending malicious content, but they are not updated rapidly enough to keep up. By the time these lists are updated the threat has shifted to another set of zombies, leaving customers unprotected. On the one hand, ISPs have an obligation to protect their customers from unwanted email; however, they also have a responsibility to ensure that their customers are not a source of unwanted email by being part of these botnets.”

Commtouch Recurrent Pattern Detection™ technology identifies and blocks email threats, including increasingly malicious malware and phishing outbreaks. Dynamic detection of zombie IPs provides effective protection against zombies, without causing high false positives.