Sprawling spam botnet struck down
Grum responsible for more than 17% of spam worldwide, FireEye security firm says
CBC News
Posted: Jul 19, 2012 12:44 PM ET
Last Updated: Jul 27, 2012 11:54 AM ET
The Grum botnet was at one point responsible for more than 33 per cent of the world's spam, according to computer security experts. Recently, its share of the spam market had dropped to 17 per cent, but it was still the third-most active spam botnet out there. (iStock)
A California-based computer security company says it and several other experts have taken out a piece of malware responsible for more than 17 per cent of the world's spam.
FireEye wrote in a company blog Wednesday that all of the command and control servers deploying the Grum botnet had been disabled.
Several security experts had spent days playing a game of cat and mouse with the creators of the malware, shutting down servers in Panama and Russia only to have new ones pop up in the Netherlands and Ukraine.
In most cases, the security sleuths managed to convince the internet service providers hosting the servers to shut them down. In Russia, however, it was the upstream provider, which connects ISPs to the internet, that "null routed" — i.e. rendered useless — the IP address affiliated with the primary malware server in that country, wrote FireEye security researcher Atif Mushtaq.
Mushtaq said he co-operated with experts at the Switzerland-based Spamhaus and the Russian computer security incident response team CERT-GIB, as well as with an anonymous researcher known as Nova7, to rally the online community that tracks computer threats to put pressure on the ISPs hosting Grum servers.
Dates back to 2008
Grum has been active since as far back as 2008, an unusually long life for a botnet, Mushtaq said.
As of January 2012, Grum was responsible for 33.3 per cent of worldwide spam, according to data from M86Security compiled by Mushtaq. But recently, its share of the spam market had dropped to 17.4 per cent, "making it the world's third-most active spam botnet after Cutwail and Lethic," Mushtaq wrote.
Mushtaq said the security community's success in taking down the botnet shows that with concerted effort, even ISPs in countries considered safe havens for those looking to set up command and control servers (CnCs) for malware can be pressured to help stop those flooding computer networks with malicious spam.
"There are no longer any safe havens," Mushtaq wrote. "Most of the spam botnets that used to keep their CnCs in the U.S.A. and Europe have moved to countries like Panama, Russia and Ukraine thinking that no one can touch them in these comfort zones. We have proven them wrong this time. Keep on dreaming of a junk-free inbox."

