IT specialist Brian Krebs presented a study of one of the largest spam botnets. Grum was recognized as the third-largest botnet in the world, and it sent almost 20% of the spam distributed worldwide. Computers controlled by Grum’s servers were sending about 18 billion spam messages every day.
According to the database at Krebs’s disposal, more than 193,000 systems were infected with one of three versions of the Grum code, malware that turned host systems into spam-spewing zombies.
The Web interface used to control the botnet was called “Zagruska Systems” (“zagruska” is a transliteration of the Russian word “загрузка,” which means “download”). The HTML code on the server includes the message “Spam Service Coded by -= ( Spiderman).” The password used to administer the botnet’s Web-based interface was stored as the hash “a28fe103a93d6705d1ce6720dbeb5779”, which corresponds to the password “megerasss”.
The researcher claimed that the Grum control server hosted a large number of email addresses, more than 350 GB in total. The database consists of dozens of separate address lists, each containing from 20 to 60 million compromised addresses. The 60 different address list files found in one directory on the server contained more than 2.3 billion addresses.