Security researchers at ESET reported that the spam-dispensing Mumblehard Linux botnet is no longer active due to the combined efforts of ESET, the Cyber Police of Ukraine and CyS Centrum.
Mumblehard, which was first technically dissected by ESET one year ago, has been offline since February 29. ESET malware researcher Marc-Etienne M. Léveillé said those behind Mumblehard took action to shore up the malware after it was exposed, but with the help of local authorities and other partners the cybercriminals were forced to shut it down.
“The malware authors apparently responded by removing the unnecessary domains and IP addresses from the list of C&C servers included in the malware and keeping only the one that was under their control. With only one IP address acting as the C&C server for the Mumblehard backdoor and no fallback mechanism, a takeover of that IP address would suffice to stop the malicious activities of this botnet,” Léveillé wrote.