THE SECURITY WARLOCKS at ESET have closed off an annoying Linux spam botnet called Mumblehard that has been a problem for some time.
Mumblehard (no sniggering at the back) was a problem until late February when ESET, working alongside the Cyber Police of Ukraine and CyS Centrum, kicked down the doors and set about flushing it down the toilet.
"[We] have taken down the Mumblehard botnet, stopping all its spamming activities since 29 February 2016," said ESET in a We Live Security blog post.
"ESET is operating a sinkhole server for all known Mumblehard components. We are sharing the sinkhole data with CERT-Bund, which is taking care of notifying the affected parties around the world through their national Computer Emergency Response Teams."
The operation was helped by the fact that the botnet used a sole command-and-control (C&C) server. Once this was traced, the police were called and the botnet, which is based on malware written in Perl, was shut down.
"With the help of the Cyber Police of Ukraine and CyS Centrum LLC we were able to obtain information from the C&C server in October 2015. A forensic analysis revealed that most of our initial assumptions about the botnet size and its purpose were correct. Spamming was their main business," said ESET.
"When the Cyber Police of Ukraine shut down the Mumblehard C&C server on 29 February 2016 they replaced it with a sinkhole operated by ESET. We have been collecting data from it during March.
"It showed that almost 4,000 Linux systems had been compromised with the Mumblehard botnet agent at the end of February 2016. We have not seen any new variants of Mumblehard, or any activities from this group, since the takedown."
There is a new 'BillGates' Linux malware threat to worry about now anyway. µ