Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Dutch Police Takedown C&Cs Used by Grum Botnet

wiredmikey (1824622) writes | more than 2 years ago

Botnet 0

wiredmikey (1824622) writes "Dutch authorities have pulled the plug on two secondary servers used by the Grum botnet, a large botnet said to produce about 17% of the world's spam. According to researchers from FireEye, the backup C&C servers were located in the Netherlands, and once word of their existence was released, Dutch authorities quickly seized them.

While any C&C server takedown is a win, the impact may be minimal, as the two primary servers are fully active, and the datacenters hosting them are unresponsive to fully documented abuse reports.

That being said, FireEye's Atif Mushtaq noted that the botnet does has some weak spots, including the fact that Grum has no failback mechanism, has just a few IPs hardcoded into the binaries, and the botnet is divided into small segments, so even if some C&Cs are not taken down, part of botnet can still remain offline.

The removal of the C&C servers shines light on how quickly some law enforcement agencies work, given that proof of their existence is just over a week old."

Link to Original Source

Sorry! There are no comments related to the filter you selected.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?