Wednesday, August 1, 2012

Can the Spam

The massive global spamming botnet Grum, had its command and control servers in Panama and Netherlands shut down on Tuesday. Grum dominated the spamming world with 18% of global spam and was responsible for sending around 18 billion spam messages a day. It then quickly opened new servers in Russia and Ukraine, but security experts were yet again able to shut them down on Wednesday.

The final Grum botnet server was taken down successfully in the morning due to the successful collaboration between FireEye (Security Company) and security experts in Russia. Internet service providers were told to shut down the servers hosting the botnet, making infected computers unable to connect to servers.
Security experts say that it will be very difficult for Grum’s creators to re-establishing the command and control servers, as the botnet was coded to only connect to a master server wich were successfully taken down.

A computer security specialist at FireEye stated that “It’s not about creating a new server. They’d have to start an entirely new campaign and infect hundreds of thousands of new machines to get something like Grum started again” Atif Mushtaq, added that “They’d have to build from scratch. Because of how the malware was written for Grum, when the master server is dead, the infected machines can no longer send spam or communicate with a new server.

Sources: Sophos, Spamhaus, Symantec, Internet World Stats
It is highly unlikely the same version of the botnet will appear any time soon. Botnet was the third largest global spammer.  Figures on the right show the highest spamming countries in the world from April to June. India being the most substancial with a massive 21% of the worlds spam emails followed far behind by Italy with 13%.