Grum, The World’s 3rd Largest Botnet Dies, Spam Drops 18%

For those of you who don’t need the uplifting benefits of Viagra, a bigger tool, or ‘insider info’ on penny stocks about to explode, the takedown of the Grum botnet should be good news indeed.

Considered the third largest botnet, Grum would now appear to be no more thanks to the collaboration of many individuals within the security community.

FireEye’s Atif Mushtaq said in a blog post,

“I am glad to announce that, after three days of effort, the Grum botnet has finally been knocked down. All the known command and control (CnC) servers are dead, leaving their zombies orphaned.”

The botnet’s ‘death’ occurred on Wednesday when servers – one in Russia and six in Ukraine – were shut down. This follows the disconnection of previously used servers in Panama and the Netherlands earlier this week. Whoever was behind Grum was hastily trying to move their operation over to new machines but the good guys got in before the operation was complete. Taking down a botnet coming out of Russia/Ukraine is quite some achievement of course as these countries have often been seen as something of a safe haven for bot herders.

The disintegration of Grum sees the end of a botnet believed to have contained some 100,000 compromised machines, which was generating somewhere between 15 and 20 billion spam emails every day! This figure meant the botnet was believed to have been responsible for around 18% of all the spam messages being sent.

As Atif Mushtaq says, this takedown sends a strong message out –

“Stop sending us spam. We don’t need your cheap Viagra or fake Rolex. Do something else, work in a Subway or McDonalds, or sell hotdogs, but don’t send us spam.”

Have you seen a decrease in the amount of spam you have received today? I know I have, though it's still very early here in the UK…

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.
