In a three-day effort, FireEye Malware Intelligence Lab succeeded in bringing down Grum, the malicious spam botnet. Grum ranked behind the Cutwail and Lethic botnets in size and, as recently as January, was thought to be the most active spam generator in the whole world.
Grum's servers in Russia, Panama, and the Netherlands were thought to be in control of as many as 100,000 infected "zombie" PCs, bots from which Grum was spewing out a whopping 18 percent of the world's internet spam.
On Monday and Tuesday, Grum's servers were brought down in the Netherlands and Panama. Or so the FireEye team thought. After the takedown of the two Dutch servers, six new Grum servers cropped up in Ukraine, where takedowns are known to be difficult. But as of 11:00 PST, Grum was dealt its final blow, a spokesperson told PC Mag.
"FireEye, working with Russian CERT-GIB and Spamhaus, found each of these new CnC servers, took a heavy-handed approach in working with Russian ISPs and domain registrars, and took them down ... signaling the full shut down of the botnet."
Do you notice less spam as of late? If so, thank you, FireEye.