World’s third biggest spam botnet shut down

/ 4 years ago

Good news today for those of you fed up with spam mail. The world’s third biggest spam botnet, known by the name “Grum”, has been shut down. It was believed to be responsible for around 18%, nearly a fifth, of the world’s total spam emails.

The operation involved many firms, Fireeye were the company who gave the final confirmation that “Grum” had been shut down. Other companies including anti spam network SpamHaus, CERT-GIB – a rapid response, digital security firm – and a researcher named only as Nova7 all helped take part in the shutting of Grum.

To help take Grum offline they had to petition a lot of ISPs in many different nations to be successful. It was taken down on July the 18th.

The process was not simple, even after the congregation of groups managed to shut down the primary servers in Panama, new ones came online to replace them in the Ukraine – a nation with a notorious reputation for housing a lot of the world’s spam network. The Ukrainian servers were also shut down and once the master server in Russia was taken offline the majority of the Grum network collapsed.

According to SpamHaus statistics, the average day whilst Grum was active saw 120,000+ IP addresses from the Grum network sending out spam. Now that number has fallen to just over 21,000 of which most are outdated spam templates which should expire over the coming weeks as they cannot be renewed.