Sunday, July 29, 2012

Dear Bloggers,
I don’t know about you, but I could deal with a lot less spam email trying to sell me cheap Viagra and fake Rolexes... and coincidentally, that is just what may have happened!
Grum, the top spam botnet, is estimated to have delivered 35% of the world’s spam email. Using servers located in the Netherlands, Russia, and Panama, Grum rose through the ranks, overtaking Lethic for the top spot.
Recently a senior staff scientist at FireEye identified the IP addresses of the four command-and-control (C&C) servers making up the botnet. Two of those four servers were responsible for pushing configuration changes to infected computers, while the other two servers were responsible for identifying which spam messages to send out.
Two of the four servers, located in the Netherlands, were taken offline, leaving Grum crippled but not dead. The botnet could still have been resurrected, but security officials were quick to react and successfully took down the last of the servers, located in Russia and Panama.
The permanent takedown of the top spam botnet sends a strong message to other botnets.
With Grum dead, zombies infected with malware are relatively harmless, as they are unable to communicate with the servers.
With less spam, I can now focus my attention on valid email offers, like shoes!!
Until next time……
