World’s third largest botnet receives mortal blow

By | July 20, 2012

Source: Help Net Security

by Zeljka Zorz

In this article “Grum, a botnet responsible for 17.4 percent of the world’s spam emails, finally seems to be dead.

In the last few days, Dutch authorities have shut down two of the botnet’s secondary C&C servers pointing to IP addresses 94.102.51.226 and 94.102.51.227.

Still, as FireEye researchers pointed out, the botnet couldn’t be terminated until the rest of the active servers – one master server in Panama and another in the Russian Federation – were taken offline.

The shutdown of those servers would have guaranteed the end of Grum, as the botnet has no fallback mechanism and has only a handful of master IPs hard-coded inside its binaries.”

Leave a Reply