Grum botnet briefly returns from the dead

24 Jul 2012

The creators of the infamous Grum botnet managed to briefly bring the spam network back from the dead before it was once again shut down.

Security vendor FireEye reported the attempt to get the botnet back online took place on Monday.

"Over the weekend we found that the Ukrainian internet service provider (ISP) SteepHost removed the null route on three [command and control servers] that were taken down last week," wrote FireEye researcher Atif Mushtaq in a blog post.

"We immediately noticed this change and contacted SteepHost once again. After hours of negotiations, they eventually shut down these CnCs once more. During this time there was a short burst of spam sent by Grum, but it has disappeared as of this morning."

FireEye originally took down Grum on 19 July following a joint operation with spam-tracking service SpamHaus and local ISPs.

Grum is believed to have been the world's third-largest botnet, with researchers estimating it was spitting out 18 billion spam messages a day at its peak.

Mushtaq warned that the botnet's operators may make a similar attempt to reactivate Grum in the near future, claiming the success of the operation would depend on ISPs.

"What are the odds that something like this will happen again? It's hard to predict at this time. Carel Van Straten of SpamHaus had a conversation with a SteepHost representative this morning. SteepHost assured him that something like this will not happen again," wrote Mushtaq.

"Interestingly, their excuses for letting these servers go online were break-ins and security-related issues. Funny, isn't it? They even claimed that this time they wiped out the CnC servers' hard drives. Wow, virtually destroying all of the evidence?"

Prior to Mushtaq's claim, Microsoft Trustworthy Computing director Tim Rains had issued a warning that Europe's cyber crime business is booming.

Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
