Spam Servers Exploiting Zombies Are Located In Taiwan

By | June 8, 2006

CipherTrust has announced that its research concluded that 64 percent of all spam servers – the servers that are the source to relay spam and phishing e-mails through zombie PCs – are located in Taiwan. The United States is next on the spam server blacklist at 23 percent and China is third at three percent.

CipherTrust deploys a network of zombie-like machines across the world to gather intelligence on spamming operations. While these fake zombies do not relay spam or phishing attacks to end-users, they collect messages from spammers trying to exploit those machines and feed the information into the TrustedSource reputation system that protects more than 2,500 enterprise customers worldwide. By capturing these messages, CipherTrust is able to determine the location of the spam servers.

Dr. Paul Judge, Chief Technology Officer, CipherTrust, said: “Although CipherTrust has successfully used our reputation technology to determine the location of zombie machines, our latest research further identifies the location of the originating servers. Not only can we use our technology to monitor zombie activity and analyse how spammers and phishers benefit from those compromised machines, but also we are now able to examine their origins. This is important information for ISP´s and law enforcement authorities in determining where to focus their efforts to make a real difference in the fight against attackers.”

Additionally, researchers found that during the past month, there was a 21 percent increase in the number of new zombie computers and a 20 percent increase in overall unwanted e-mail traffic. According to the information found using a combination of the TrustedSource technology and Message Profiler(tm) technology, this significant jump may coincide with the sharp rise in the use of randomised image-based stock spam in which spammers use more challenging graphics-based messages to avert traditional anti-spam deployments.

Leave a Reply