Monster Spam Botnet, Called Grum, Taken Offline
Grum, a botnet which is alleged to have sent 18 percent of the world's spam emails, has been taken offline.
Security company FireEye and spam-monitoring service SpamHaus worked with local internet service providers (ISPs) to take down the botnet which consisted of more than 20,000 infected computers around the world.
A botnet is a group of computers infected by a virus which allows criminals to control the PCs to send out millions of spam emails via command and control (C&C) servers. Grum's C&C servers were mainly located in Ukraine, Russia and Panama.
Grum has been operating since at least early 2008 according to FireEye security expert Atif Mushtaq, and managing to remain operational for this long is atypical for a botnet. Earlier this month figures from M86Security stated Grum was responsible for 17.4 percent of worldwide traffic spam, placing it behind botnets Cutwail and Lethic as the world's most active botnet.
Earlier this year however, Grum was the world's most prolific sender of spam, responsible for a third of all spam email sent.
Working with local ISPs, FireEye was able to shut down a C&C server in Holland earlier this month, before a Panamanian ISP finally buckled on Tuesday, 17 July and also shut down a C&C server located there. However Grum was comprised of two different segments, one being controlled from Panama and one from Russia.
The people in charge of the botnet quickly pointed their infected PCs towards a secondary server in the Ukraine follwoing the Panama shutdown. Following intervention from Mushtaq and FireEye, the six new severs in Ukraine and original Russian server were taken offline on Tuesday morning, 18 July.
Grum's closure was an encouraging development in clamping down on botnets across the world, he said.
"When the appropriate channels are used, even ISPs within Russia and Ukraine can be pressured to end their cooperation with bot herders. There are no longer any safe havens. Most of the spam botnets that used to keep their CnCs in the USA and Europe have moved to countries like Panama, Russia, and Ukraine thinking that no one can touch them in these comfort zones. We have proven them wrong this time. Keep on dreaming of a junk-free inbox."
© Copyright IBTimes 2024. All rights reserved.