Home / Blogs

Is Australia a Hot-Bed of Zombie Activity?

Terry Zink

About a week ago, I posted that Australia was getting ISPs to boot infected computers off of their network. I commented on whether or not this was a good policy. However, there was one thing in that article that I wanted to comment on but didn't, it was this excerpt:

A global report by security technology giant McAfee reveals that Australia now ranks behind only the US and China for the number of "zombie" computers that fell under the control of spammers in 2009. "The `Land Down Under' is proving to be fertile ground for zombie recruiting," the report says.

It estimates Australia accounts for 6.3 per cent of the world's "new zombies", compared with 18 per cent from the US and 13.3 per cent from China. Just two years ago, Australia was not even in the top 10 countries listed in McAfee's Global Threats report.

Australia is now number 3? Behind only the US and China? That sounds a little hard to believe. I say this because it completely contradicts any of the data I have.

Now, I will admit that I only have data on how much spam we receive from each country, and from how many distinct IPs. If I go by the second half of 2009, Australia ranks 24th for distinct number of IPs that sent us spam and 26th for total amount of spam sent. It lags far behind other countries like South Korea, Brazil, India, Poland, Spain, Romania, Ukraine, and so forth.

Now it's possible that McAfee's report measures total zombie activity. Zombies do more than send spam — they host spammy web pages, do fast flux, perform black search engine optimization, conduct DOS attacks, and so forth. And obviously, I have gaps in my own data because I don't measure that. Yet if I go by data in Microsoft's latest Security and Intelligence Report (which covers first half of 2009), Australia ranks far down the list of countries in terms of number of infected computers with malware, malware distribution sites per 1000 Internet hosts, and so forth. It confirms my data that Australia is not one of the biggest players when it comes to spam.

This leads me to a couple of possibilities:

1. McAfee has other metrics that we are not collecting that indicates that Australia has lots of zombies and bumps it up the list.

2. One of us is wrong.

No offense to McAfee, but I'm guessing (emphasis on the word guessing) that it's (2), and it's not us that is wrong. It stretches the credibility to assert that Australia is a smaller player in spam and malware infections but is really abusive in everything else. More often than not, if a country is abusive in one category, they are usually abusive in other categories. While it is true they may not be stack-ranked the same in every category of abuse, they usually are pretty close.

By Terry Zink, Program Manager
Follow CircleID on

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

Fair comment The Famous Brett Watson  –  Feb 09, 2010 6:18 PM PST

According to Spamhaus, the top countries currently responsible for spam are the USA, China, and Russian Federation. Australia is not in the top ten. Given the correspondence between spam and zombies (as expected) in the number one and two positions, I think the onus is on McAfee to show their working, so to speak.

To post comments, please login or create an account.



DNS Security

Sponsored byAfilias


Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC

Domain Names

Sponsored byVerisign


Sponsored byWhoisXML API


Sponsored byThreat Intelligence Platform

New TLDs

Sponsored byAfilias