Major Russian spam organisation busted

News on 19 Jul 2012

International technical and enforcement teams have reported a major success, breaking up a mammoth global spamming organisation that they claim pushed out 18 billion spam emails every day.

The publication Ars Technica reports that the ring, known as Grum, was the world’s third largest spam generator, and that the international team dismantled it after convincing the companies that hosted its command and control servers to pull the plug.

A leading member of the team and senior scientist at the security group FireEye, Atif Mushtaq, claimed in a blog post that the Grum botnet was finally killed off this week after six servers in Ukraine and one in Russia were shut down.

The servers were the last-gasp defence of the botnet after its servers in the Netherlands and Panama had been disconnected. Faced with the threat of losing a 100,000-computer network that generated an estimated 18 billion spam messages a day, the Grum operators were desperately trying to transition to those machines when they, too, were disconnected.

“Grum’s takedown resulted from the efforts of many individuals,” Mushtaq wrote. “This collaboration is sending a strong message to all the spammers: ‘Stop sending us spam. We don’t need your cheap Viagra or fake Rolex. Do something else, work in a Subway or McDonalds, or sell hotdogs, but don’t send us spam.’”

Mushtaq revealed that Grum has sent out around 18 percent of the world’s spam, and that FireEye has also been active in taking down smaller spam botnets like Srizbi, Rustock, Cutwail, and Ozdok.

Ars Technica reports that Microsoft, Kaspersky, and others have also participated in the eradication of botnets, sometimes using novel legal tactics to prevent the operators from regrouping.

Botnet operators have long viewed Russia and Ukraine as safe havens for their illegal activities, so this week’s takedown is seen as something of a coup.
