Grum botnet taken down, along with lots of spam emails

If the spam folder on your email account has a lot fewer emails in it today, you can thank the people who participated in the shutdown of one of the biggest botnets on the Internet. The Grum botnet was closed earlier this week after security researchers managed to shut down the Internet connections of the botnet's main servers. The shutdown operation reportedly began on Tuesday, when a Dutch ISP cut off the net connection to two of the botnet's servers. Another server, based in Panama, was found and had its Internet connection severed. One server remained online in Russia, but the Grum botnet's unknown operators tried to bring a backup server in Ukraine online.

However, by then security researchers were getting close and managed to get ISPs in the area to shut off the final server's connection on Wednesday. FireEye senior scientist Atif Mushtaq, who helped with closing the botnet, said, "We are confident that it can't recover. I've been monitoring Grum for four years. Right from the start we knew that it doesn't have any fallback mechanism."

The botnet used malware-infected PCs around the world to generate as many as 18 billion emails a day, mostly to advertise drugs. The security firm Trustwave said that the Grum botnet created as much as 35 percent of the world's spam email just last week.

Mushtaq says that the closing of the Grum botnet has already caused another large botnet, Lethic, to cut its own spam email activities drastically, perhaps because its operators are afraid their servers might be discovered soon.

