The Battle with Botnets Continues…
FireEye, a computer security company based in California, announced that the Grum botnet, the world’s third-largest botnet, had all of its command and control (CnC) servers shut down, thereby putting it out of commission. The Grum botnet was responsible for sending much of the unsolicited spam email regarding the purchase of pharmaceuticals. On July 16, 2012, FireEye reported that the servers based in the Netherlands had been shut down. On the following day, the servers located in Panama were deactivated. However, the two original Dutch servers were replaced by six new botnet servers in Ukraine, which joined the server still in existence in Russia.
FireEye contacted Spamhaus (based in Geneva, Switzerland) and CERT-GIB (based in Russia), which used contacts in Russia and Ukraine to lobby internet service and bandwidth providers to eliminate the Ukrainian- and Russian-based servers running the Grum botnet. Spamhaus used to track some 120,000 Grum IP (internet protocol) addresses sending spam email daily; however, after the shutdown of the aforementioned servers, the number of IP addresses has been reduced to 21,505. These remaining sources should be rendered inoperative without access to CnC servers.
Before its servers were shut down, the Grum botnet was responsible for approximately 17%-18% of the world’s spam (or some 18 billion spam messages per day), down from 33.3% in January 2012, and ranked behind the Cutwail and Lethic botnets in size. In March 2012, United States marshals and Microsoft cyber investigators raided offices in Pennsylvania and Illinois connected to a botnet that had infected more than 13 million computers around the world. Using Zeus malware, that botnet recorded keystrokes to steal usernames and passwords, which were used to raid online bank accounts for some $100 million over a five-year period.
Botnets are often used by hackers to overwhelm other servers with large amounts of junk or spam mail in a Distributed Denial of Service (DDoS) attack, which denies service to the intended user audience.
Those of us working in Toronto Public Library branches who teach the Email Made Easy workshops to library patrons emphasize the frustrations associated with spam email and the importance of reporting it to email providers such as Gmail, Hotmail, Yahoo, etc., who strive to reduce and eliminate spam.