For the second time in a week, Russia has been named and shamed for its rising profile as a global malware hub.
Last week, Sophos ranked Russia as number 2 on its league table of spam-relaying countries, behind the U.S., but well ahead of the usual suspect, China. Now Australian security company PC Tools reckons that Russia has overtaken China again, but this time as a producer of active malware such as viruses, Trojans and spyware.
Russia now occupies number one spot on this ranking with 27.4 percent of malware, slightly ahead of China on 27 percent. Both leave the U.S. trailing in third with 10.1 percent, Brazil on 6.6 percent, and the U.K. with 5.32 percent.
PC Tools' own Russian researcher, Sergei Shevchenko, was in no doubt that Russia's number one showing was significant, and even related it to the country's gloomy folklore.
"The vacuum left by the RBN [Russian Business network] has been filled by other malware distributors," he said. "Russian mythology refers to a dragon-like creature with three heads, called Zmey Gorynych that requires all three heads to be severed to ensure its death," he said rather ominously.
The company has compiled figures from its automated Threat Expert system to create a global malware map that records figures from all countries for which there are measurable figures.
Not everyone agrees that Russia's figures should be taken at face value.
"There are several reasons why Russian has become more noticeable in statistics like this. First, there is economic growth in Russia which means there are many more computers and many new users," said Dmitry Kurashev, director of Russian IT Company Famatech . "With a population of 142 million you need to compare the figures to other countries such South Korea, Turkey, Poland, Italy, and Spain," he pointed out.
Certainly, as with the spam figures from Sophos, these figures don't mean that all of the malware coming out of a country is actually being produced by that territory. Some of it will be relayed malware. As the Threat Expert map hints, there is a strong correlation between the number of consumer PCs that exist to be hijacked in a country and the volume of malware attributed to that country.
Russian has a growing population of PC users, but who appear to be relatively badly secured against compromise. The U.K., on the other hand, has a mature market and somewhat better security.