Monday 16 June, 2014
No, it’s not a villain in a Harry Potter book; it’s Grum, the third-largest botnet on earth, responsible for as much as 18 percent of the spam emails that come into your inbox. The good news for all of us is that this Godzilla of spam has been brought down, probably permanently, by an ace Internet security team from the firm FireEye.
Grum, Your Kingdom Must Come Down
Grum is also known by a few other names like Tedroo and Reddyb. For four years, Grum has been on a rampage, filling your inbox with spam. In 2010, it was the world’s biggest botnet, spewing out as many as 40 billion spam messages in the month of March alone.
The infernal botnet was run from control centers all over the world by an international group of spammers. While its messages were chucked into spam folders or ignored by many, lots of people fell for its deceitful messages and the steady stream of illicit income kept it going.
FireEye, working with the international anti-spam organization Spamhaus as well as local hosting services all around the world, tracked down Grum’s control centers. In three days of constant struggle, the botnet was taken down. The scammers hustled to move it to secure centers in Russia and Ukraine, which are considered safe havens for spammers, but it was no use. Grum drew its dying breath. All of its control centers were dead.
Masters and Zombies
A botnet is a network of computers infected by a malware program. It has a control center (or multiple control centers) which acts as the mother ship. From this control center, the operators send out spam messages that can infect more computers. Once a computer is infected, the malware takes it over, and the botnet controls the computer remotely from the control center. Infected computers are known as zombies, and what botnets typically do is steal data from them.
Kill All Botnets
The takedown of Grum highlights new strategies used by security firms to stop scammers. It was the combined effort of a coalition that launched a simultaneous assault on all of Grum’s control centers. This meant years of tracking on the part of the heroes, followed by a decisive attack. Since 2008, this strategy has brought down a number of botnets, significantly reducing the spam our email folders get.
The takedown is probably permanent. It’s believed that Grum has no fallback mechanism spammers can use to resurrect the botnet. The battle is won, but the war rages on. Next, security firms will turn their attention to the two other major botnets left in the world, Lethic and Cutwail. If these two are taken down, you’ll see a lot less spam in your inbox. Unfortunately, spammers are constantly developing new ways to attack us.