More Botnet Take Down … Are we there yet?

Another take down of the world third largest botnet (after Cutwail and Lethic), called GRUM and this time roughly 18 percent of global spam, or 18 billion spam messages a day was reported on Wednesday, 18 July 2012, according to NY Times.  The C&C servers pointing to IP addresses 94.102.51.226 and 94.102.51.227 have identified by FireEye researchers with the help of Dutch authorities and these IP addresses are Russian and Panama IP addresses, respectively.  GRUM botnet has been around since 2008 according to FireEye security researcher.  When the 2 servers was taken down by the Dutch authorities, the bot herders quickly move their C&C servers to Ukraine and the Panama servers were removed immediately by the bot herders.  Even tough we have successfully taken down GRUM but the world has not yet free from SPAM and worst, one botnet died, 3 more botnet sprang up.  At the end, we need to catch those coders and put them behind bars, as quoted by Jose Nazario, a senior security researcher from Arbor Networks.