Eastern Europe is responsible for what F-Secure Security Adviser Sean Sullivan calls "commoditized crimeware."In part, this is due to the laws there surrounding cybercrime.
"The law allows the development of malicious code in these countries, or else there would be no strong penalties," says Sullivan.
Barry Shteiman, director of labs at Exabeam, elaborates: "In Romania and Ukraine, where there are limited to no laws regarding hosting and Internet monitoring, essentially anyone can do anything unsupervised in a public data center or from their homes. Because of this, and their location relatively central to Europe, these countries are favorites as malware command and control server locations."