Botnet Owners Feeling “Grum” After Takedown

Contributor: Andrew Watson

A coordinated effort led by security researchers at FireEye and Spamhaus has resulted in the takedown of one of the largest spam botnets in the threat landscape. The botnet, known as Grum, was reportedly responsible for close to a third of the world’s spam email traffic.

We’ve been watching the developments carefully here at Symantec and have noticed a decided drop in spam traffic coming from the Grum botnet. Around 5:00 p.m. on July 17, the botnet sent a batch of around 40,000 spam emails. The next hour that number dropped to around 30,000. The hour after that it fell to 16,000, followed by 11,000. The numbers continued to decline to the point where, yesterday afternoon, the botnet sent only a handful of spam messages.

The botnet appears to be dead in the water at this stage. This is good news for all: users may notice a marked drop in spam emails appearing in their inboxes, and administrators should also notice lower server loads on their spam filtering systems.

Our congratulations go out to the folks at FireEye, Spamhaus, and the other security researchers involved for their successful takedown campaign.