Sprawling spam botnet struck down

CBC

July 19, 2012 at 2:13 p.m.

A California-based computer security company says it and several other experts have taken out a piece of malware responsible for more than 17 per cent of the world's spam.

FireEye wrote in a company blog Wednesday that all of the command and control servers deploying the Grum botnet had been disabled.

Several security experts had spent days playing a game of cat and mouse with the creators of the malware, shutting down servers in Panama and Russia only to have new ones pop up in the Netherlands and Ukraine.

In most cases, the security sleuths managed to convince the internet service providers hosting the servers to shut them down. In Russia, however, it was the upstream provider, which connects ISPs to the internet, that "null routed" — i.e. rendered useless — the IP address affiliated with the primary malware server in that country, wrote FireEye security researcher Atif Mushtaq.

Mushtaq said he co-operated with experts at the Switzerland-based Spamhaus and the Russian computer security incident response team CERT-GIB, as well as with an anonymous researcher known as Nova7, to rally the online community that tracks computer threats to put pressure on the ISPs hosting Grum servers.

Grum has been active since as far back as 2008, an unusually long life for a botnet, Mushtaq said.

As of January 2012, Grum was responsible for 33.3 per cent of worldwide spam, according to data from M86Security compiled by Mushtaq. But recently, its share of the spam market had dropped to 17.4 per cent, "making it the world's third-most active spam botnet after Cutwail and Lethic," Mushtaq wrote.

Mushtaq said the security community's success in taking down the botnet shows that with concerted effort, even ISPs in countries considered safe havens for those looking to set up command and control servers (CnCs) for malware can be pressured to help stop those flooding computer networks with malicious spam.

"There are no longer any safe havens," Mushtaq wrote. "Most of the spam botnets that used to keep their CnCs in the U.S.A. and Europe have moved to countries like Panama, Russia and Ukraine thinking that no one can touch them in these comfort zones. We have proven them wrong this time. Keep on dreaming of a junk-free inbox."

Yahoo Canada Style
Sophie Grégoire Trudeau is leaning into the unknown for her next chapter: 'I'm OK with the uncertainty'
No question was off limits in Yahoo Canada's candid and emotional conversation with the "Closer Together" author.
5 hours ago
HuffPost
How Toxic Is Trump? Republican Group's Hidden Camera Reveals Uncomfortable Truth.
The former president's behavior just doesn't fly out in the real world.
8 hours ago
HuffPost
OOPS! Eric Trump Freaks Out Over Dad’s Trial But Gets 1 Very Awkward Thing Wrong
A rant on Fox News from Donald Trump's son contained one glaring error.
9 hours ago
People
Sydney Sweeney Jokes That She’s Sorry for Having ‘Great’ Boobs During Mexico Vacation
The 'Euphoria' actress poked fun at her appearance in an Instagram post while enjoying a getaway with friends
a day ago
Miami Herald
Ryan Reynolds shares emotional tribute to Michael J. Fox
Ryan Reynolds wrote a tribute to Michael J. Fox that will bring a tear to your eye.
a day ago
People
Rebel Wilson Says British Royal Invited Her to 2014 Party with Drugs and Orgies
“Needless to say, I hike up my damsel dress and run out of there as fast as I can,” the 'Rebel Rising' author said of the medieval-themed party
13 hours ago
People
Prince Louis Stars in 6th Birthday Portrait Taken by Kate Middleton as She and William Share Personal Message
The image comes one month after Princess Kate's Mother's Day photo with her children was criticized for being edited
5 hours ago
Hello!
Royal fans left disappointed as Prince William and Princess Kate break with tradition on eve of Prince Louis' birthday
Here's how Prince William and Princess Kate strayed from established tradition on the eve of Prince Louis' 6th birthday
6 hours ago
Hello!
King Charles gives prestigious new roles to four family members
The King has granted new honours to Queen Camilla, the Prince and Princess of Wales, and the Duchess of Gloucester - find out more
2 hours ago
HuffPost UK
Lady Gaga Reacts As Pre-Fame Festival Performance From 17 Years Ago Goes Viral
The 13-time Grammy winner has a surprisingly good memory.
a day ago
HuffPost
Mary Trump 'Can't Help Laughing' At This 'Schadenfreude' In Uncle's Trial
Donald Trump's niece suggested what he's "probably been dreading" for decades.
a day ago
Good Housekeeping
‘NCIS’ Star Wilmer Valderrama Speaks Out After the Show Makes a Major Announcement
CBS announced that 'NCIS' got renewed for season 22 and will air during the 2024-2025 TV broadcast season on the network.
17 hours ago
HuffPost
Ex-Prosecutor Spots A Big 'Oops' In Donald Trump's Likely Legal Defense
Andrew Weissmann also predicted a huge "tug of war" over one particular witness in the former president's hush money trial.
a day ago
Snopes
This Photo Allegedly Shows What a Beach in Palestine Looked Like Before Israel Was Founded. We Delved into Its History
The photograph displays a beachfront built as prime example of Bauhaus architecture.
22 hours ago
HuffPost
Donald Trump Trashed With Stark Reminder Of His Climate Takes In Earth Day Ad
The former president's old comments came back to haunt him in the new spot from President Joe Biden's campaign team.
5 hours ago
Reuters
Trump accepts new restrictions on $175 million bond in New York civil fraud case
NEW YORK (Reuters) -Former President Donald Trump agreed on Monday to additional restrictions on the $175 million bond in the former U.S. president's New York civil fraud case, resolving concerns by the state attorney general that the funds were not secure. The bond issued by Knight Specialty Insurance is meant to secure Trump's compliance with a $454.2 million judgment won by state Attorney General Letitia James if he does not succeed in an appeal. Justice Arthur Engoron imposed the penalty after finding that Trump, the Republican presidential candidate to face President Joe Biden in the Nov. 5 election, fraudulently inflated his net worth and real estate assets to deceive banks and insurers into providing better terms.
a day ago
People
As Amber Heard Marks Her 38th Birthday, Get to Know Her Quiet Life in Madrid Two Years After Johnny Depp Trial
The actress moved to Spain for a quieter life with daughter Oonagh, who turned 3 earlier in April
a day ago
Hello!
Princess Beatrice's stepson's unusual sleeping arrangement at mother Dara's London rental home
Princess Beatrice's stepson Wolfie was pictured with his mother Dara Huang in a candid photo inside a bedroom of their Kensington home. See Edoardo Mapelli Mozzi's ex's confession about their sleeping arrangements…
a day ago
BANG Showbiz
Jon Bon Jovi 'hasn't been a saint'
Jon Bon Jovi hasn't "been a saint" in his long marriage to wife Dorothea.
a day ago
HuffPost
'NYET': New York Post Trolls 'Moscow' Marjorie Taylor Greene In Russian
The far-right Republican received a Russian makeover from the conservative tabloid.
a day ago

Latest Stories