Slashdot Mirror

← Back to Stories (view on slashdot.org)

Botnet Targets Web Sites With Junk SSL Connections

Posted by kdawson on from the look-over-there dept.

angry tapir writes "More than 300 Web sites are being pestered by infected computers that are part of the Pushdo botnet. The FBI, Twitter, and PayPal are among the sites being hit, although it doesn't appear the attacks are designed to knock the sites offline. Pushdo appears to have been recently updated to cause computers infected with it to make SSL connections to various Web sites — the bots start to create an SSL connection, disconnect, and then repeat." SecureWorks's Joe Stewart theorizes that this behavior is designed to obscure Pushdo's command and control in a flurry of bogus SSL traffic.

3 of 64 comments (clear)

  1. nginx to the rescue? by Anonymous Coward · · Score: -1, Troll

    Sounds like they need to use a web server that can easily handle such a load, even if they're junk requests. What is that web server? Why, it's nginx of course!

  2. Junk SSL Connection by cormander · · Score: -1, Troll

    What exactly is a "Junk SSL Connection"? Please tell me it has nothing to do with the slang for a man's "area". The thoughts of "the goods" being attacked... oof.

  3. #irc.trolltalk.com by Anonymous Coward · · Score: -1, Troll

    My resi(6nation OpenBSD guys. They