News

Spam-Based Malware Shows Dramatic Rise

• By Stephen Swoyer
• October 20, 2009

The volume of spam traffic often roughly correlates with the state of the economy: The gloomier the economic outlook, the gloomier the state of spam traffic.

Take the most recent "State of Spam" report (PDF) from security specialist Symantec Corp. It found that spam accounts for the overwhelming majority of e-mail traffic: 86 percent, according to Symantec's tally.

That isn't surprising. Spam traffic has hovered in the 83 to 86 percent range for about a year. What is alarming is that spam-based malware traffic -- i.e., malware that "piggybacks" on top of (or is otherwise linked to via) spam messages -- increased dramatically last month, surging by 900 percent between August and September. At one point in September, Symantec reports, malware accounted for almost 5 percent of all spam traffic.

Although spam traffic was down last month relative to the year-ago period, Symantec researchers are far from sanguine. For one thing, spam volumes have been steadily climbing back up to previous levels.

The main reason spam volumes declined in the first place was because hosting provider McColo.com -- which researchers say accounted for two-thirds or more of global spam volumes --- went offline last November.

"While the single-digit increase [in spam-based malware] may seem relatively small at first, the consequences of this rise [are] quite significant when you consider that 86.39 percent of all e-mail messages in September 2009 were spam," write Symantec researchers Dylan Morss and Dermot Harnett.

One upshot of a surge in spam-based malware is an explosion in the size of e-mail messages: "[I]n September, spam messages with a size greater than 10[KB] increased by 5 percent while spam messages that had an average size between 0 and 2[KB] dropped by 7 percent," the pair notes.

What's more, Morss and Harnett say, spam messages of 10KB or more now account for 13 percent of all e-mail traffic. Although the 2 to 5KB range seems to be the sweet spot, accounting for 55.19 percent of all e-mail traffic, Symantec also remarked on the rise in spam messages of between 5 and 10KB. Nearly 30 percent of e-mail messages last month fell into this category.

The effects of this increase are far-reaching. Aside from the issue of malware attachments, the sheer size of messages complicates things for IT, Internet service providers and legitimate e-mail traffic. "Larger messages cause a significant burden on IT resources and can delay the delivery of legitimate messages from reaching their intended users," the authors report.

Elsewhere, Symantec reports, the United States continues to generate most of the world's spam. In September, the United States actually increased its output of spam by 2 percent to 25 percent of the global total.

Brazil was second (at less than half of the U.S. tally), followed by South Korea, India, Poland and Vietnam, all with one-sixth of the U.S. figures.