The US is officially the world's capital for spam-spewing zombified computers after taking top spot on the 2013 Dirty Dozen Spampionship league table.
Security software firm Sophos has revealed the results of the top spam relaying nations. Once again it was the US which collected the title, generating 14.5 per cent of the total spam volume sent.
The Dirty Dozen results were compiled to show where in the world the greatest volumes of spam were being sent from during the final three months of last year. Sophos senior security analyst, Paul Ducklin, said the most obvious message of the Dirty Dozen charts was that the problem of zombified computers spewing spam was truly a global one.
"Every region of the world is strongly represented, with the exception of Africa." Spammers don't send spam themselves: they use botnets, or "zombie armies", of malware-infected computers to distribute their spam for them, almost always without the owners of the infected computers being aware. Ducklin said, in most cases, the countries in the Dirty Dozen made it onto the list because a statistically significant proportion of their residents were conducting business online using computers that were actively infected by remote-control malware.
"So the spam aspect is just a symptom -- the start of the problem," he said.
"Zombie malware means the crooks are already on the inside. It's up to you to turf them out." Compared to the US, the results show things have stayed pretty stable.
Belarus retained its top spot, with the average computer there over 10 times more likely to send spam than if it were in the USA.
Meanwhile other countries like Uruguay, Taiwan, Luxembourg and Macedonia continued to jockey for positions in the top 12.
The only significant move came from Kuwait, with figures showing there had been almost a three-fold increase in spam-relaying per capita, growing from 2.1 times the US figure per capita, to 6.07, to elevate it to second place in the table. According to Ducklin, the Spampionship League Tables are not intended to suggest that individual nations are actively involved in illegally sending spam, but are designed to raise awareness of just how many computers are potentially infected with spam-relaying malware. "If your country isn't in the Dirty Dozen, it's easy to feel smug, or at least complacent," he said.
"Don't do that: if you're a spam sender, Dirty Dozen or not, you are a net positive contributor to cybercrime."
Sign up for CIO Asia eNewsletters.