Friday, 20 July 2012

Grum botnet shut down, cuts 18 per cent of world's spam

Botnets are collections of infected computers that work in tandem to deliver the spam we get in our inboxes; Grum was the third largest in the world.

Security firm FireEye, in collaboration with Spamhaus and others, has shut down Grum, the world's third largest botnet, responsible for 18 per cent of the world's spam emails.
In 2009 Grum was responsible for well over 20 per cent, sending around 39.9 billion spam emails every day. Gradually, however, companies like FireEye and others have been able to root out the servers responsible and shut them down.
In a blog post, Atif Mushtaq from FireEye identified some of the advantages that helped them shut down one of the world's largest botnets.
"Grum has no fallback mechanism. Once the master CnCs are dead, no new connection can be made to the secondary servers. That said, bots already connected to secondary servers will be unaffected until the infected machine gets rebooted."

Despite the shutdown taking several years, Mushtaq is confident that this will be the first step in taking down many of the world's botnets and should be a clear sign to those in that community.
"There are no longer any safe havens. Most of the spam botnets that used to keep their CnCs in the USA and Europe have moved to countries like Panama, Russia, and Ukraine thinking that no one can touch them in these comfort zones. We have proven them wrong this time."
