Feeds

Belarus becomes world's top country ... for SPAM

White Russia dons black hat, becomes junkmail conduit

High performance access to file storage

Belarus has eclipsed the US to become the biggest single source of global spam, according to cloud-based email and web security firm AppRiver.

Junk volumes from the landlocked former Soviet republic, which borders Poland and Russia, hit an all-time high on 13 April and have sustained this level since then.

In January, AppRiver security researchers were seeing an average of 3.1 million spam messages per day from Belarus. After the spike happened on 13 April, AppRiver said it began recording an average of 12.3 million spam messages per day - which is now climbing.

Only one in a thousand messages from Belarus is legitimate, with 99.9 per cent of the electronic messages consisting of junk mail, said the security firm. Current volumes of junkmail from Belarus are exceeding those from the US, the historic source of most of the world's internet detritus.

"The actual message content was very slim and simple," explains AppRiver security analyst Jonathan French in a blog post. "Most of the messages just simply contained a link and a few words. Many of the links did not lead to active webpages, with most giving 500 or 404 server errors."

"The links that did work lead to pharmacy websites trying to sell drugs to visitors. There was a very small amount of the messages that also lead to websites hosting malware," he added.

French told El Reg that most users would likely recognise the messages, which come from .ru domains and make no attempt at spoofing, as spam. He's currently at a loss to explain the sustained spam spike from Belarus.

"I can only speculate at the cause, but I assume there was nothing special about the April 13th date when spam volume began to rise," French told El Reg. "It may have just been the time for the campaign organiser(s) to start after preparing the machines and systems for this particular campaign. It has been ongoing a while and showing no signs of declining."

Belarus, best known as the last holdout of a Stalinist-style regime in Europe, has rarely - if ever - been mentioned as a major source of spam. However, a quick check with Sophos revealed it had also logged Belarus as the world's worst spam-relaying country over the last 30 days.

Belarus now accounts for 16.3 per cent of the world's spam, compared to 15.1 per cent from the US and 7.45 per cent from the Ukraine, according to exclusive figures produced for The Register. China accounts for 5.78 per cent of the world's spam-relaying.

Sophos's stats, like the figures from AppRiver, look at the locations of abused computers (almost always Trojan-infected zombie drones) rather than the physical location of current spam kingpins. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.