Good news for those who are being targeted by nuisance and irksome spam in their email inbox on a regular basis because from now onwards, they will be seeing comparatively less spam. Because of a worldwide effort, the world’s biggest spammers have been knocked out this week.
“About 50 percent of the worldwide spam is gone,” says FireEye senior scientist Atif Mushtaq who was part of this activity.
This massive decline in spam emails is the result of coordinated efforts by various security firms and Internet service providers across the world that successfully thrashed the network of grimy computers knows as “the Grum botnet.” According to the estimates by FireEye’s, Grum is believed to be the world’s most proliferant spammer, producing more than 17 billion emails regularly. It is found that almost 20% of the world’s spam is because of Grum.
A botnet is a group of systems equipped with malware, which is hacked by outsider attackers. These people use botnets for malicious purpose like sending huge volume of spam or making denial-of-service attacks on various websites. The bigger the botnet, the more powerful it can be in terms of hacking websites.
Grum is considered as a vast and malicious spammer. It was initially detected in 2008, when its malware hit thousands of computers worldwide and sent massive amounts of pharmaceutical spam advertising despicable drugs.
The botnet completely relied on “command and control” servers. These servers are somehow scattered in different countries across the world including Panama, the Netherlands and Russia. But on the other hand, it has a major drawback: The network cannot be recovered in case all of its command servers get down simultaneously.
Dutch authorities yanked the plug Tuesday on two of Grum’s command and control servers. Right after this a Panamanian server was also affected. However, when botnet’s operators got know about their network attack, they immediately launched their elusive actions, moving their traffic to a new set of backup servers in Ukraine.
“Right in front of my eyes, the bot herders started pointing their botnet to new destinations,” Mushtaq wrote in a blog post about the takedown. “For a moment, I was stunned.”
Mushtaq immediately informed collaborators across the globe, which also includes a cyberecurity team in Russia that instantly took action against the new servers’ Internet providers. And in a short period of time, they were successful in persuading key providers to cut the connection.
“We are confident that it can’t recover,” Mushtaq said to a news agency. “I’ve been monitoring Grum for four years. Right from the start we knew that it doesn’t have any fallback mechanism.”
According to stats released by a security company Trustwave, Grum was behind 35 percent of the Internet’s spam in the last seven days.
Spam has been considerably gone down in the recent years because of the coordinated global efforts. Mushtaq believes that the objective of a junk-free inbox will be achieved soon.
“One last final blow and I think we can make a rapid and permanent decline in worldwide spam,” he said.