• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Whitepapers
  • SMB Spotlight
  • Newsletters
  • Sign in
  • Events
    • Upcoming events
      event logo
      Big Data Virtual Summit

      The Big Data Virtual Summit will comprise expert keynotes, real world case studies and interactive discussion panels led by senior IT practitioners who will share their tips for Big Data technologies and data management strategies.

      • Date: 19 Oct 2016
      • Online
      event logo
      V3 Technology Awards

      2016 V3 Awards

      • Date: 25 Nov 2016
      • London
      View all events
      Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Whitepapers
    • V3-resources-120x194
      Leveraging data for small businesses

      The most successful businesses are those with confidence in their ability to store, access and use data effectively.  Rather than focusing on the nuts and bolts of storage, this view point looks at the data it holds and more importantly, what can be done with it.

      Download
      V3-resources-120x194
      Getting the SMB network just right

      This review looks at why small businesses need to stop being complacent about their networks and at what they can do to maintain their competitive edge as they follow the big boys down the route of increasing collaboration and other bandwidth-hungry applications likely to impact on network performance and availability.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • SMB Spotlight
  • Sign in
  •  
    •  

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      Forgot your password?
     
     
      • Saved articles
      • Newsletters
      • Apps
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
    • Apps
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    Forgot your password?
 
 
    • Saved articles
    • Newsletters
    • Apps
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Security

Grum botnet briefly returns from the dead

Spam monster enjoys brief resurrection

spam-spam-spam
  • Alastair Stevenson
  • Alastair Stevenson
  • @MonkeyGuru
  • 24 July 2012
  • Tweet  
  • Facebook  
  •  
  •  
  • Save this article  
  • Send to  
0 Comments

The creators of the infamous Grum botnet managed to briefly bring the spam network back from the dead, before it was once again shutdown.

Security vendor FireEye reported the attempt to get the botnet back online took place on Monday.

"Over the weekend we found that the Ukrainian internet service provider (ISP) SteepHost removed the null route on three [command and control servers] that were taken down last week," wrote FireEye researcher Atif Mushtaq in a blog post.

"We immediately noticed this change and contacted SteepHost once again. After hours of negotiations, they eventually shut down these CnCs once more. During this time there was a short burst of spam sent by Grum, but it has disappeared as of this morning."

FireEye originally took down Grum on 19 July following a joint operation with spam-tracking service SpamHaus and local ISPs.

Grum is believed to have been the world's third largest botnet, with researchers estimating it was spitting out 18 billion spam messages a day at its peak.

Mushtaq warned that the botnet's operators may make a similar attempt to reactivate Grum in the near future, claiming the success of the operation would depend on ISPs.

"What are the odds that something like this will happen again? It's hard to predict at this time. Carel Van Straten of SpamHaus had a conversation with a SteepHost representative this morning. SteepHost assured him that something like this will not happen again," wrote Mushtaq.

"Interestingly, their excuses for letting these servers go online were break-ins and security-related issues. Funny, isn't it? They even claimed that this time they wiped out the CnC servers' hard drives. Wow, virtually destroying all of the evidence?"

Prior to Mushtaq's claim, Microsoft Trustworthy Computing director Tim Rains had issued a warning that Europe's cyber crime business is booming.

  • Tweet  
  • Facebook  
  •  
  •  
  • Save this article  
  • Send to  
  • Topics
  • Security
  • Law
  • spam
  • Botnets
  • cyber-crime
  • ISP

V3 Latest

Edward Snowden NSA Prism whistleblower
Snowden points finger at Russia over NSA hack

Tweets offer possible cause for major hack

  • Government
  • 16 August 2016
Cloud computing
IBM beats AWS and Azure in seven-year Workday cloud deal

Deal suggests still market left to play for

  • Cloud Computing
  • 16 August 2016
Hacker
NSA hack sees information up for auction in major security incident

Shadow Brokers hacker group claims responsibility

  • Security
  • 16 August 2016
TechEd 2014 Microsoft logo
Microsoft to issue Windows 7 and 8.1 updates together

Firm claims move will make life easier for admins

  • Operating Systems
  • 16 August 2016
blog comments powered by Disqus
Back to Top

Most read

Surface Book fulcrum hinge
Microsoft Surface Book 2 release date, specs and price rumours
Galaxy Note 7 render
Samsung Galaxy Note 7 release date, price, specs and features
Microsoft Windows 10 on a laptop
Windows 10 Anniversary Update: 8 ways to tackle problems caused by latest release
Sage at Accountex
Sage breach exposes personal data of staff at 280 companies
Tim Cook and Aaron Levie in discussion at BoxWorks in San Francisco
Tim Cook's 5 key moments as Apple CEO: Maps, iPhones and Apple Watch launch
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About Incisive Media
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube
  • Apps

© Incisive Business Media Limited

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 9177174 & 9178013

Digital publisher of the year 2010, 2013 & 2016

Digital publisher of the year 2010, 2013 & 2016