Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Botnet

+ - Dutch Police Takedown C&Cs Used by Grum Botnet->

Submitted by wiredmikey
wiredmikey (1824622) writes "Dutch authorities have pulled the plug on two secondary servers used by the Grum botnet, a large botnet said to produce about 17% of the world's spam. According to researchers from FireEye, the backup C&C servers were located in the Netherlands, and once word of their existence was released, Dutch authorities quickly seized them.

While any C&C server takedown is a win, the impact may be minimal, as the two primary servers are fully active, and the datacenters hosting them are unresponsive to fully documented abuse reports.

That being said, FireEye's Atif Mushtaq noted that the botnet does has some weak spots, including the fact that Grum has no failback mechanism, has just a few IPs hardcoded into the binaries, and the botnet is divided into small segments, so even if some C&Cs are not taken down, part of botnet can still remain offline.

The removal of the C&C servers shines light on how quickly some law enforcement agencies work, given that proof of their existence is just over a week old."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Dutch Police Takedown C&Cs Used by Grum Botnet

Comments Filter:

No amount of genius can overcome a preoccupation with detail.

Working...