The massive global spamming botnet Grum, had its
command and control servers in Panama and Netherlands shut down on Tuesday. Grum
dominated the spamming world with 18% of global spam and was responsible for sending
around 18 billion spam messages a day. It then quickly opened new servers in
Russia and Ukraine, but security experts were yet again able to
shut them down on Wednesday.
The final Grum botnet server was taken down successfully in
the morning due to the successful collaboration between FireEye (Security
Company) and security experts in Russia. Internet service providers were told
to shut down the servers hosting the botnet, making infected computers unable
to connect to servers.
Security experts say that it will be very difficult for Grum’s
creators to re-establishing the command and control servers, as the botnet was
coded to only connect to a master server wich were successfully taken down.
A computer security specialist at FireEye stated that “It’s
not about creating a new server. They’d have to start an entirely new campaign
and infect hundreds of thousands of new machines to get something like Grum
started again” Atif Mushtaq, added that “They’d have to build from scratch.
Because of how the malware was written for Grum, when the master server is
dead, the infected machines can no longer send spam or communicate with a new
server.”
![]() |
Sources: Sophos, Spamhaus, Symantec, Internet World Stats
|
It is highly unlikely the same version of the botnet will
appear any time soon. Botnet was the third largest global spammer. Figures on the right show the highest spamming
countries in the world from April to June. India being the most substancial
with a massive 21% of the worlds spam emails followed far behind by Italy with
13%.