The world’s third largest bot net, known as Grum and thought to be responsible for around 18 per cent of the world’s email spam, has been shut down.
While the confirmation of the downing was made by security firm Fireeye, several other groups were also involved, including: anti spam network SpamHaus, CERT-GIB – a rapid response, digital security firm – and a researcher named only as Nova7. Working together, they were able to petition ISPs in several nations to shut down the control servers for the botnet, bringing it down for good on 18th July.
But doing so was far from a simple matter. As quick as they could down the servers in Panama, new ones sprang up in Ukraine – a nation notorious for providing a haven for spammers. However, passing this information along to their “contacts” in these nations, those involved in the shut down were able to have the servers taken offline within hours – including the master in Russia, bringing Grum to its knees.
According to SpamHaus statistics, most days up until now have seen 120,000+ IP addresses from the Grum network sending out spam. Now that number has dropped to just over 21,000. Fireeye outlined in its blog post, that once the spam templates have become outdated, it is believed these will also stop.
KitGuru says: This is just the final chapter in the Grum initiative. For the full story – that makes for quite a good read – check out the Fireeye post, it’s interesting stuff.