According to new figures, published today by Sophos, something strange has happened in the world of spam: China has dropped out of the list of the world's worst spam relaying countries for the first time ever.
The Sophos 'Dirty Dozen Spammers' list has become something of a staple diet for security researchers, covering the top twelve countries in terms of how much spam they each relay every quarter.
While there is no surprise in seeing the US remain firmly seated at the top of the guilty as hell pile, responsible for relaying an astonishing 13 percent of all global spam (or hundreds of millions of junk messages every single day, although you may not actually see any of it) the fact that China has dropped out of the Dirty Dozen has come as a huge shock for many list observers.
China has completely disappeared from the list, dropping down to 15th place on the global scale and being responsible for 'only' 1.9 percent of the world's spam according to Sophos.
That said, if you look at spam by continent rather than country, Asia continues to dominate with more than a third of the world's unsolicited junk email relayed by the region. Although the US remains the top offender by country, North America as a whole has reduced its spam throughput since last quarter, dropping from second to third place behind Europe.
"All eyes aren't so much on which countries are on the list, but the one which isn't. China has earned itself a bad reputation in many country's eyes for being the launch pad of targeted attacks against foreign companies and government networks, but at least in the last 12 months they can demonstrate that the proportion of spam relayed by their computers has steadily reduced" said Graham Cluley, senior technology consultant at Sophos. "A new dirty 'gang of four' - South Korea, Brazil, India and their ringleader USA - account for over 30% of all the spam relayed by hacked computers around the globe".
The top twelve spam relaying countries for January to March 2010 are as follows:
1. United States (13.1%)
2. India (7.3%)
3. Brazil (6.8%)
4. S Korea (4.8%)
5. Vietnam (3.4%)
6. Germany (3.2%)
=9. United Kingdom (3.1%)
=9. Russia (3.1%)
=9. Italy (3.1%)
10. France (3.0%)
11. Romania (2.5%)
12. Poland (2.4%)
Others = 47.3%
I'm a hacker turned writer and consultant, specialising in IT security. I've been a freelance word punk for over 20 years and along the way I have seen 23 of my books published, produced and presented programmes for TV and radio, picked up a bunch of awards and continue being a contributing editor with PC Pro - the best selling IT magazine in the UK .
This doesn't really surprise me, but I believe this is merely a trend of Chinese based spammers becoming a bit more sophisticated and using Botnets based in the USA to continue to send massive amounts of spam. Eastern European spammers were the first to shift much of there relays to compromised servers within the USA and the Chinese spammers are just now catching up. The US is the primary target market for spam and they have more success by using relays within the US since many spam filters screen foreign based email more thoroughly.
I think this has a lot to do with the fact that US is the most important market with regards to online marketing. Therefore, more and more website owners are getting sites hosted in the US, hence spambots are also originated from the US. This is probably the reason why the US is #1 and will probably remain there. India is #2 because as we all know it is the number one place where most of the internet outsourcing gets done from.