Frustrated by the deluge of penis enlargement spam email? Fear no more. The botnet known as “Grum” has been knocked off the Internet. People will just have to look for penis enlargement elsewhere now.
Security researchers led by FireEye’s Atif Mushtaq were able to kill every one of Grum’s servers, which were located in Panama, Russia, the Netherlands and Ukraine. As Mushtaq wrote on the FireEye blog, “I am glad to announce that, after three days of effort, the Grum botnet has finally been knocked down. All the known command and control (CnC) servers are dead, leaving their zombies orphaned.”
Grum worked through these various CnC centers, which controlled computers infected with malware in order to send us all the penis enlargement emails.
The security team was first able to eliminate the Netherlands and Panama-based CnC servers, but as soon as the Panama server fell, the Russia “bot herders” opened another one in the Ukraine.
I was thinking that all we needed was to take down one Russian server, but right in front of my eyes, the bot herders started pointing their botnet to new destinations. I must say, for a moment, I was stunned. The bot herders replaced the two Dutch servers with six new servers located in Ukraine. Ukraine has been a safe haven for bot herders in the past and shutting down any servers there has never been easy.