Tuesday, 7 August 2012

Atif Mushtaq, a Pakistani, Helps Take Down The Most Ingenious Botnet Ever

To start with, in case you don't know, a botnet is a collection of computers, connected to one another through the internet, whose security has been breached and which are controlled by anonymous servers.

Such a compromised computer is known as a “bot”, and bots are used (or controlled remotely) for various purposes, the most popular of which is sending (spam) emails to locally stored contacts.



Grum, as it is called, was one such network, said to be responsible for sending 20 percent (and 33 percent at one point in 2011) of all spam emails in the world. It has now been taken down, thanks to the efforts and collaboration initiated by Atif Mushtaq, a Pakistani professional who is now a senior staff scientist at FireEye, a security firm.

Born in Russia, Grum traces its roots back to 2007. It was primarily developed to plant a Trojan on target computers, with the ability to replicate the bots and communicate back to a server, also known as command and control.

In March 2007 the world started receiving emails from admin@microsoft.com with a “Download Internet Explorer 7” link in them. Clicking the link would download an exe file that gave control of the bot’s hard disk to the command and control servers. Soon there were 120,000 bots connected to the internet that could communicate back to command and control.

Grum, which could upgrade itself with regular updates coming from the command and control servers, soon started sending emails with links to affiliate products. It is said that the botnet owner, allegedly a hacker from Russia, made USD 6 million in 2010 alone.

Atif Mushtaq had been following Grum in full detail and was able to trace a set of IPs hosting all of Grum's command and control servers. There were over a dozen such servers in the Netherlands, Panama and Russia. Atif wrote a series of posts seeking the attention of researchers and experts to take down Grum, which eventually helped him find collaborators with a common interest.

By teaming up with Spamhaus, a company responsible for keeping records of spam IP addresses, and contributors from various countries, Atif was able to eliminate all Grum servers. Grum's creator, of course, tried to set up additional (fallback) servers in Russia and one other country, but they were taken down too.

Botnets will keep evolving, no doubt, but without Grum the world will see 20 percent less spam. This example also shows that botnet servers residing in countries such as China and Russia can be taken down. It offers hope for a better, spam-free world, in which industry spends over USD 40 billion annually on anti-spam technologies.

Complete details of Atif Mushtaq's journey were covered by TechCrunch here. Here is Atif’s blog post on his company blog.
