A botnet which has sent out millions of spam messages daily for months has been killed off thanks to a collaborative effort from security experts in the US, Britain and Russia.
Atif Mushtaq of the California security firm FireEye said that the Grum botnet “has finally been knocked down”.
Writing in his blog, Mushtaq said the shutdown was a joint effort of his group with the British-based Spamhaus Project, a nonprofit group, and the Russian-based Computer Security Incident Response Team known as CERT-GIB.
All the known command and control servers are dead, leaving their zombies orphaned.
Researchers also shut down servers in the Netherlands and later in Panama, where “pressure applied by the community” caused the hosting firm to shut them down.
The spam operation moved to new servers in Ukraine after the ones in Panama were closed. With the help of Spamhaus, CERT-GIB and an “anonymous researcher”, all six new servers in Ukraine and the original Russian server were taken offline.
Apparently the shutdown was carried out by the “upstream provider” at the request of the security companies.
The botnet used 120,000 infected “zombie” computers to send out spam each day. Currently only 21,000 of them are functioning at all. Once the spam templates expire, the spam will die off.
The collaborative effort to take down Grum sends a “strong message to all the spammers” that the days of building a botnet to send out spam will come to an end. If previously safe places like Ukraine can no longer be used, the spammers will have to come up with a new model. Otherwise they will spend a lot of time setting up a botnet only to see it shut down.