You’ll be seeing less of Nigerian princes in your email inboxes these days as a recent global effort took out one of the world’s largest spammers. In a coordinated assault by security firms and Internet service providers around the world, a network of infected computers known as the Grum botnet was taken down.
A botnet is made up of numerous internet-connected computers that are infected with malware and taken over by an outside party without the users’ knowledge. These computers are then used for malicious activities such as sending out huge amounts of spam; Grum was responsible for sending out about 18 billion emails a day, experts say.
Essentially, a botnet is controlled by a central brain known as a “command and control” server. Grum had several of these, dotted around the globe in countries including Russia, Panama, and the Netherlands. The weakness in the Grum botnet was that it had no recovery system in the event of all its servers shutting down simultaneously. It was this fatal weakness that experts exploited, pulling the plug on each of the servers in their respective countries. Estimates by security firm Trustwave say that roughly 35% of worldwide spam came from the Grum botnet, though estimates vary between firms.