A couple of command and control servers were temporarily set up in Turkey

Sep 18, 2012 11:15 GMT  ·  By

Grum, the world’s third largest spam botnet, has been taken down in July by Spamhaus, FireEye and CERT-GIB. However, last week, the botnet’s masters instated a couple of new command and control (C&C) servers in Turkey.

Both servers were taken offline and while they were active, researchers didn’t notice any major spam-related activities. According to FireEye experts, this may be an attempt to resurrect Grum.

“Grum has been on our watch list since day one and it is pretty naive on the bot herder's part to think that their actions would go unnoticed. Their new investment went badly, costing them some real time and money,” FireEye’s Atif Mushtaq explained.

It remains to be seen if the bot herders will make such attempts in the future. Although, considering that they had such a successful business in the past, it shouldn’t surprise anyone if they did.