New Pushdo Variant Infects More Than 100k Computers
By: Danielle Walker, SC Magazine
A new variant of the revived Pushdo
trojan has infected more than 100,000 computers since the beginning of
August, and it's using a new technique to trip up researchers trying to
study the botnet.
As is the case with most botnet scenarios, computers that are
infected with Pushdo attempt to communicate with their
command-and-control server for instructions. The twist here is that the
botmasters have customized the malware so that it simultaneously
delivers HTTP requests to some 300 lesser known, but legitimate,
websites, which mixes in with traffic meant for the command-and-control
hub, said Brett Stone-Gross, a senior security researcher at Dell
SecureWorks Counter Threat Unit.