August 13, 2008

Ten Million Zombies Distributing Spam and Malware Every Day, According to PandaLabs and CommTouch

GLENDALE, Calif., Aug. 13 /PRNewswire/ -- Panda Security, a leading provider of IT security solutions, today announced that PandaLabs, Panda Security's laboratory for detecting and analyzing malware, announced the findings from a joint report with CommTouch on the current state of spam. The report found that on average during the second quarter of this year, more than 10 million zombie computers (systems infected by 'bots' and controlled remotely by cyber criminals) were sending spam and emails with malware every day. The full report can be accessed at: Email_Threats - Panda.pdf.

According to the report, the vast number of 'zombies' continues to be largely responsible for the avalanche of spam suffered by users and companies. Between April and June 2008, 74 percent of all mail received was spam. The bots infecting these computers are small programs dropped on computers that enable attackers to take remote control of the system and botnets are groups of computers infected by bots and primed to act in unison. Cyber-crooks send instructions to these computers, including commands to download malware onto the system, display advertising to the user, launch denial of service attacks, and above all, distribute spam.

"This is not just annoying for users, who have to delete all of this mail, but in corporate environments it has important repercussions on productivity and resource consumption," explains Luis Corrons, technical director of PandaLabs. "Nucleus Research, an independent consultant, put the cost of receiving and deleting spam at $712 per employee.(1)"

In the second quarter of 2008, Turkey became the country with most zombie computers (11 percent of the global total), followed by Brazil (8.4 percent) and Russia (7.4 percent). The USA, which in the first quarter accounted for 5 percent of all zombies, is now in ninth place with just 4.3 percent of the total.

Email threat trends in the second quarter of 2008

During the second quarter of 2008, there have been no revolutionary trends in the distribution of spam and malware via email, largely due to the fact that existing methods are still serving cyber-crooks well.

Google Adwords has been at the center of one of the most notable attacks over the last quarter. This Google service had been used previously to launch phishing attacks and the trend continues. This type of attack uses social engineering to trick users into revealing confidential details (bank account numbers, passwords, etc.). Aimed at the owners of Google Adwords accounts, the messages include subjects such as "your Adwords Google account is stopped" or "account reactivation" and include seemingly legitimate links. If users click the link, they are taken to a page that appears genuine and are prompted to enter their confidential details which will immediately fall into the hands of cyber-crooks.

Tax information has been another favorite of spammers. Around the period for filing tax returns in April, attackers distributed mail with subjects such as: "Get a fast tax refund free" or "Get fast relief for IRS tax debt." In most cases, the aim of these attacks was to obtain confidential details such as bank account numbers or physical addresses.

The Blogspot platform has also been used to host and distribute malicious content. Perhaps as a result of the growing awareness by Blogspot and its attempts to counter this type of content, spammers have begun to use other platforms. Blogdrive fell victim in this second quarter to spammers, who launched a wave of comments at the platform containing links to pornographic websites.

For more information about these and other trends observed during the second quarter of 2008, see the CommTouch and PandaLabs report at Email_Threats - Panda.pdf

About PandaLabs

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.

Currently, 94% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog:

About Panda Security

Panda Security is one of the world's leading IT security providers, with millions of clients across more than 200 countries and products available in 23 languages. Its mission is to develop and provide global solutions to keep clients' IT resources free from the damage inflicted by viruses and other computer threats, at the lowest possible total cost of ownership.

Panda Security proposes a new security model, designed to offer a robust solution to the latest cyber-crime techniques. This is manifest in the performance of the company's technology and products, with detection ratios well above average market standards and most importantly, providing greater security for its clients. For more information and evaluation versions of all Panda Security solutions, visit our website at:

(1) costing-us-businesses-712-per-employee-each-year/

Panda Security

CONTACT: Bill Bourdon of Bateman Group, +1-415-602-1491,[email protected], for Panda Security

Web site: