Collaboration is key in 2010 as global spam levels subside

22 Feb 2011
Virus News

Kaspersky Lab, a leading developer of secure content and threat management solutions, announces the findings of its annual analytical spam report for 2010.

2010 saw the combined efforts of law enforcement agencies, vendors and IT security experts clock up a number of successes in the fight against spam. A large-scale campaign targeting spammers resulted in the closure of infamous botnets such as Waledac, Pushdo/Cutwail, Lethic and Bredolab. In August, law enforcement agencies closed 20 Pushdo/Cutwail botnet command centers responsible for an estimated 10 percent of the total volume of the world’s spam. The cybercriminals sustained their most tangible loss on 25 October, when 143 Bredolab botnet command centers controlling around 30 million zombie computers worldwide were shut down.

According to Kaspersky Lab experts, these measures led to the first-ever prolonged decrease in the amount of spam throughout the last two months of the year. The most notable result of this campaign was a considerable reduction in the quantity of spam originating from the USA.

At the same time, botnet owners started moving their creations to countries where legal restrictions were less likely to affect them, which led to an increase in the amount of spam originating from Eastern Europe. However, the USA continued on from the previous year as the leading distributor of spam, accounting for 11.33 percent of all unsolicited mail, followed by India on 8.3 percent, and Russia with 6.0 percent. In 2010, Asian and Eastern European countries were widely represented in the Top 20, while the countries of Western Europe were in the minority.

The quantity of malware in mail traffic grew in 2010, malicious files were found in 2.2 percent of all emails, 2.6 times more than in 2009. At the peak of the attacks in August, the percentage of emails with malicious content reached 6.29 percent at its peak.

Over the past 12 months the leading English-language spam category was Medication and Health-Related Goods and Services. The share of spam in the Spammer Services (-6.1 percentage points) and Adult content categories (-4.6 percentage points) decreased considerably compared to 2009. In September, after the closure of the pharmaceutical SpamIt partner program, spammers who used to make money offering medication began looking at various other partner programs. This resulted in the short-term growth of different types of spam, including advertisements for online casinos and porn sites.

“Spam distribution will remain the cybercriminals’ main source of income,” forecasts Darya Gudkova, Head of Content Analysis & Research at Kaspersky Lab. “In the future, we expect to see a continuation in sophisticated attacks combining phishing, spammer and social engineering techniques. Cybercriminals will become more cautious, employing security software and locating their botnets in countries which are less hostile to cybercrime.”

The full version of the annual spam report for 2010 is available at: