Mumblehard Linux Spamming Botnet Finally Taken Offline


Thousands of servers running Linux and BSD had been affected by one of world’s most damaging botnets

One of the world’s most damaging botnets has finally been shut down after a concerted effort from security firms and governments.

The Mumblehard botnet was responsible for targeting servers running both Linux and BSD, causing backdoors that allowed cybercriminals full control of the system simply by running arbitrary code, after which they could hijack the server to send out spam emails.

However, it has now been successfully taken offline by security firm ESET, in co-operation with CyS-CERT and the Cyber Police of Ukraine, the former revealed today.


BotnetNoting that Mumblehard had been in-operational now since February 29, ESET is now running a sinkhole server for all known components, with the data being shared with overseer CERT-Bund, which is now notifying the affected parties around the world.

The botnet had been slowing down since ESET published a technical analysis of Mumblehead last May, with the company noticing an immediate reaction from its operators.

However this then spurred the criminals on to quickly update their botnets, which were moved onto a single command and control (C&C) server.

ESET was then able to leap into action with its partners, with the Cyber Police of Ukraine shutting down the Mumblehard C&C server on 29th February and replacing it with ESET’s sinkhole.

This detected that almost 4,000 Linux systems compromised with the Mumblehard botnet agent at the end of February, many of which had been compromised through an unpatched CMS such as WordPress or Joomla, or one of their plugins.

“Collaboration with law enforcement and external entities was crucial to making this operation a success,” said ESET.

“ESET would like to thank the Cyber Police of Ukraine, CyS Centrum LLC and CERT-Bund. We are proud of our efforts to make the internet a safer place.

“Mumblehard might not be the most prevalent, the most dangerous or the most sophisticated botnet out there, but shutting it down is still a step in the right direction and shows that security researchers working with other entities can help reduce the impact of criminal activity on the internet.”

What do you know about famous hackers? Take our quiz!

Read also :
Author: Mike Moore
Click to read the authors bio  Click to hide the authors bio