Here is the promised followup to our look at the Grum botnet takedown, in which we have good news and not so good news.
A week ago we didn’t see much effect. As we noted, that was possibly because the takedown took down the command and control nodes, presumably leaving the bots still spewing whatever spam campaign they had already queued up.
Well, apparently that campaign ran out, because they stopped spewing. Here is an updated graph of grum botnet and its top 10 ASNs:
Grum botnet and its top 10 ASNs
Graph by John S. Quarterman for SpamRankings.net.
The updated Top 10 Botnets graph has good news and bad news: