
Mumblehard Linux Spamming Botnet Finally Taken Offline

One of the world’s most damaging botnets has finally been shut down after a concerted effort from security firms and governments.

The Mumblehard botnet targeted servers running both Linux and BSD, installing a backdoor that gave cybercriminals full control of the system by letting them run arbitrary code, after which they could hijack the server to send out spam emails.

However, it has now been successfully taken offline by security firm ESET, in co-operation with CyS-CERT and the Cyber Police of Ukraine, the former revealed today.

Squashed

Mumblehard has been non-operational since February 29, and ESET is now running a sinkhole server for all known components. The data is being shared with overseer CERT-Bund, which is notifying the affected parties around the world.

The botnet had been slowing down since ESET published a technical analysis of Mumblehard last May, with the company noticing an immediate reaction from its operators.

However, this then spurred the criminals on to quickly update their botnets, which were moved onto a single command and control (C&C) server.

ESET was then able to leap into action with its partners, with the Cyber Police of Ukraine shutting down the Mumblehard C&C server on 29th February and replacing it with ESET’s sinkhole.

The sinkhole detected that almost 4,000 Linux systems were compromised with the Mumblehard botnet agent at the end of February, many of which had been compromised through an unpatched CMS such as WordPress or Joomla, or one of their plugins.

“Collaboration with law enforcement and external entities was crucial to making this operation a success,” said ESET.

“ESET would like to thank the Cyber Police of Ukraine, CyS Centrum LLC and CERT-Bund. We are proud of our efforts to make the internet a safer place.

“Mumblehard might not be the most prevalent, the most dangerous or the most sophisticated botnet out there, but shutting it down is still a step in the right direction and shows that security researchers working with other entities can help reduce the impact of criminal activity on the internet.”


Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.
