07-16-2014 12:41 PM
July 16th, 2014, 15:43 GMT · By Ionut Ilascu
PushDo botnet distribution across the globe
07-17-2014 05:39 AM
By John Leyden, 17 Jul 2014
A wave of attacks by cybercrooks pushing a new variant of the resilient Pushdo Trojan has compromised more than 11,000 systems in just 24 hours.
Indian PCs have been most affected by the outbreak, but systems in the UK, France and the US have also been hit, according to security software firm Bitdefender.
The Romanian firm reckons 77 machines have been infected in the UK via the botnet in the past 24 hours, with more than 11,000 infections reported worldwide in the same period. Other countries that have been heavily affected by the Pushdo variant include Vietnam and Turkey.
07-21-2014 12:49 PM
July 21st, 2014, 15:01 GMT · By Ionut Ilascu
Most Pushdo infections have been recorded in Asia
07-21-2014 12:55 PM
This botnet is a serious malware that needs to be addressed more seriously. Based on this article, the crooks added an encrypted overlay to the binary file; that alone is enough to bypass security measures and infect one's PC.
07-30-2014 02:54 PM - edited 07-30-2014 02:55 PM
July 30th, 2014, 19:33 GMT · By Ionut Ilascu
Bitdefender purchased domains that have been generated by the DGA (domain generation algorithm) component in Pushdo for sinkholing purposes.
The security firm has seen a constant rise in the number of IP addresses of infected computers trying to connect to the command and control servers of the operators in order to receive instructions.
In the latest report on the matter, the company says that the “research team saw the Pushdo bots calling home from a surprising 183.909 unique IP addresses, spread all over the world.”