Friday, July 20, 2012

Grum botnet taken down, spam mails massively reduced

The Grum botnet came to an end earlier this week after security researchers managed to shut down the Internet connections of the botnet's main servers. According to CNN, the shutdown operation started on Tuesday, when a Dutch ISP cut off the net connection to two of the botnet's servers. Another server in Panama was also found and had its Internet connection severed. One server remained online in Russia, but the Grum botnet's operators, who remain unknown, tried to bring a backup server in the Ukraine online. Fortunately, by that time security researchers were getting close and managed to get ISPs in the area to cut off the final server's connection on Wednesday.

Atif Mushtaq, a FireEye senior scientist who helped shut down the botnet, said: "We are confident that it can't recover. I've been monitoring Grum for four years. Right from the start we knew that it doesn't have any fallback mechanism." Mushtaq also said that the closing of the Grum botnet has already caused Lethic, another large botnet, to reduce its own spam activities drastically, perhaps out of fear that what happened to Grum could happen to its operators too.

The botnet used countless infected PCs around the world to generate as many as 18 billion spam emails a day, mostly to advertise drugs. According to security firm Trustwave, the Grum botnet created as much as 35 percent of the world's spam email just last week. Mushtaq says that the closing of the Grum botnet has already caused another large botnet, Lethic, to cut its own spam email activities drastically, perhaps because its operators are afraid their servers might be discovered soon.
