Source: Help Net Security
by Zeljka Zorz
In this article “Grum, a botnet responsible for 17.4 percent of the world’s spam emails, finally seems to be dead.
In the last few days, Dutch authorities have shut down two of the botnet’s secondary C&C servers pointing to IP addresses 18.104.22.168 and 22.214.171.124.
Still, as FireEye researchers pointed out, the botnet couldn’t be terminated until the rest of the active servers – one master server in Panama and another in the Russian Federation – were taken offline.
The shutdown of those servers would have guaranteed the end of Grum, as the botnet has no fallback mechanism and has only a handful of master IPs hard-coded inside its binaries.”