FireEye has confirmed that the Grum botnet has been completely shut down. The security specialists managed to gain control over the C&Cs of the third largest spam botnet.
As we previously reported, on 16 July two of the Grum C&Cs were shut down in the Netherlands. On that day the FireEye geeks reported that most of the Grum servers were located in Russia and Panama. They also said that each C&C controls a separate botnet segment.
On 17 July the Panama server was also taken down and a considerable part of the Grum zombies stopped sending spam, but the hackers introduced 8 new command and secondary servers in Ukraine.
According to the FireEye advisory, Carel Van Straten and Thomas Morrison from Sophos, CERT-GIB associate Alex Kuzmin, and an independent developer, Nova7, conducted a massive operation and shut down all the Grum servers.
It should be pointed out that Grum was responsible for 18% of all spam, so our inboxes should become a little bit cleaner from now on.
The FireEye advisory is accessible here.