Symantec Security Response wants IT admins and users to know that there are still large numbers of infected systems out there--like the hundreds of thousands of PCs still infected with DNSChanger months after the malware was effectively shut down.
A statement from Symantec Security Response explains, "The attackers are still out there as well, so they may attempt to grow a new Botnet. Users should make sure they have good antivirus software installed and kept up to date. Also, users should be proactive about keeping their systems and applications patched with the latest security updates."
Wosotowsky agrees, pointing out, "Grum only existed in the first place because users didn't have adequate defenses."
He also stresses that IT admins should implement detailed tracking and logging of network traffic data. This information may prove invaluable to security researchers and authorities trying to track down and shut down malware attacks.