Pakistani IT professional helps in smashing botnet


STAFF REPORT ISB: A Pakistani professional, originally from Lahore and now a senior staff scientist at FireEye, a security firm headquartered in San Francisco, has successfully taken down the Grum network, said to be responsible for sending 20 per cent (and 33 per cent at one time in 2011) of all spam emails in the world.

Grum had developed a network called a botnet: a collection of computers, connected to each other through the internet, whose security has been breached and which are controlled by anonymous servers, especially for sending (spam) emails to locally stored contacts.

Born in Russia, Grum traces its roots back to 2007 and was primarily developed to inject a Trojan on target computers, with the ability to replicate the bots and communicate back to a server, also called Command and Control.

Atif Mushtaq had been following Grum in detail and was able to trace a set of IPs that were hosting all of Grum's command and control servers. There were over a dozen such servers in the Netherlands, Panama and Russia.

Atif wrote a series of posts seeking the attention of researchers and experts to take down Grum, which eventually helped him find collaborators with a common interest.

Grum's originator, of course, tried to set up more (fallback) servers in Russia and Ukraine, but they were taken down too.

