Slashdot Mirror

← Back to Stories (view on slashdot.org)

Botnet Targets Web Sites With Junk SSL Connections

Posted by kdawson on from the look-over-there dept.

angry tapir writes "More than 300 Web sites are being pestered by infected computers that are part of the Pushdo botnet. The FBI, Twitter, and PayPal are among the sites being hit, although it doesn't appear the attacks are designed to knock the sites offline. Pushdo appears to have been recently updated to cause computers infected with it to make SSL connections to various Web sites — the bots start to create an SSL connection, disconnect, and then repeat." SecureWorks's Joe Stewart theorizes that this behavior is designed to obscure Pushdo's command and control in a flurry of bogus SSL traffic.

3 of 64 comments (clear)

  1. Re:From TFA by siloko · · Score: 3, Funny

    most Slashdotters have fairly lax moral standards. Especially when it comes to computers.

    Yes, essentially we are all evil . . . now where's that kitten? Er, sorry, I meant robotic, remote-controllable kitten with embedded linux firmware!?

  2. Re:And they say obfuscation isn't a good defense by fm6 · · Score: 3, Funny

    Obfuscation isn't good security. But, as any politician will tell you, it's excellent defense.

  3. Re:SSL traffic by JamesP · · Score: 3, Funny

    I would bet that on them not being CMMI certified and not writing their viruses in java...

    --
    how long until /. fixes commenting on Chrome?