Grum was responsible for 18 billion spam emails sent every day
Grum, the world’s third-largest botnet, has been taken down, security researchers have claimed.
It is thought the botnet was responsible for spewing out around 18 billion spam emails every day, roughly 20% of the global total of spam messages.
Security firm FireEye worked with spam tracker Spamhaus and ISPs across the world to take the botnet offline. Grum’s command and control servers were located in the Netherlands, Russia and Panama, FireEye said.
FireEye’s Atif Mushtaq explained that once the Panamanian server had been shut down, the people in charge of the botnet relocated the command and control servers to Ukraine, which he said has been something of a safe haven for botnets.
The Ukrainian server was alive for little more than 24 hours before it too was shut down, Mushtaq added.
"When the appropriate channels are used, even ISPs within Russia and Ukraine can be pressured to end their cooperation with bot herders," he wrote.
"There are no longer any safe havens. Most of the spam botnets that used to keep their CnCs in the USA and Europe have moved to countries like Panama, Russia, and Ukraine thinking that no one can touch them in these comfort zones. We have proven them wrong this time. Keep on dreaming of a junk-free inbox."
Earlier this year Microsoft led the takedown of the botnet that was pushing out the Zeus banking malware. The servers were running in Pennsylvania and Illinois. It was estimated that at its height Zeus had infected 13 million PCs around the world.
Shortly after that it was announced that a group of companies, including Kaspersky Lab and Dell SecureWorks, had taken control of the Kelihos botnet. Kelihos, also known as Hlux, was used to send out spam emails as well as steal personal data and perform distributed denial of service (DDoS) attacks on specific targets. It was the second version of the botnet after the original had been shut down in September 2011.