The US has been named and shamed as the nation that hosted more malicious code and relayed more spam than any other during 2006.

According to the Sophos Security Threat Report 2007, the US internet industry remains plagued by criminal activity despite continued efforts to clamp down on cyber-crime.

"Too many US-hosted websites still have lax security measures in place," said Carole Theriault, senior security consultant at Sophos.

"Given the effectiveness of web-based attacks, web hosting companies in the US and elsewhere need to step up their policing of published content, and ensure that malicious code is quickly removed before innocent users get hit."

The UK ranked 19 in the chart, responsible for hosting 0.5 per cent of all websites containing malicious code.

The US also topped the list of worst spam-relaying nations. While the US has made good progress in this area, there was still more spam sent from US computers in 2006 than from any other single nation.

Sophos noted that up to 90 per cent of all spam is now relayed from zombie computers hijacked by Trojan horses, worms and viruses and under the control of hackers.

This means that they do not need to be based in the same country as the computers being used to send the spam.

The report also found that the most prolific email threats during 2006 were the Mytob, Netsky, Sober and Zafi families of worms, which together accounted for more than 75 per cent of all infected email.

However, Sophos predicts that 2007 is likely to see a significant shift away from the use of email, as cyber-criminals look to exploit the continued global growth in web use, as well as user-defined web content.