Slashdot Mirror

← Back to Stories (view on slashdot.org)

Pushdo Trojan Infects 11,000 Systems In 24 Hours

Posted by Unknown on from the bots-everywhere dept.

An anonymous reader writes Bitdefender has discovered that a new variant of the Trojan component, Pushdo, has emerged. 77 machines have been infected in the UK via the botnet in the past 24 hours, with more than 11,000 infections reported worldwide in the same period. The countries most affected so far by the Pushdo variant are India, Vietnam and Turkey. Since Pushdo has resurfaced, the public and private keys used to protect the communication between the bots and the Command and Control Servers have been changed, but the communication protocol remains the same.

5 of 32 comments (clear)

  1. Missing information by Anonymous Coward · · Score: 3, Insightful

    What operating system does this software run on?

    1. Re:Missing information by just_another_sean · · Score: 3, Interesting

      This is what I was wondering... AFAICT the first link is /.'ed and the second link doesn't go in to any technical details. I'm assuming Windows until I hear otherwise but the geographic mix is interesting; are these Windows XP boxes? Is the fact that the infections are concentrated in India and Asia an indication of the many people there that have not upgraded?

      I'd never heard of Pushdo before this, anyone else know more about it?

      --
      Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
    2. Re:Missing information by operagost · · Score: 3, Insightful

      So basically, all EOL systems that have no business being connected to a network except for 2003, which also shouldn't be connected unless it has SP2 and all security patches.

      --

      Gamingmuseum.com: Give your 3D accelerator a rest.
    3. Re:Missing information by grcumb · · Score: 3, Insightful

      Well it runs on Windows obviously. With the number of reported infections, the speed with which it happened, and the fact that it is a Trojan (meaning you need to trick the user into running it), it can only be Windows.

      This propagation rate is positively tiny. Honestly, I don't know why it's even part of the headline. For context, this paper (PDF, sorry) shows Code Red infecting over 500,000 machines in an hour.

      If 11,000 machines in a day is an event, then we should all be sitting back and breathing a sigh of relief that the bad old days are over....

      (Not that I believe that they are. I just don't see any reason for the breathless headline.)

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
  2. Re:Is this a ZeuS variant? by bogdan.botezatu · · Score: 3

    It's not a Zeus variant. It's world's largest spambot ever (72bn messages per day). The figures show the old bots getting upgraded to the new variant.