Your cart is empty
Visit The Shop

March 10, 2010 - TIFF CVE-2010-0188: Fixed?
March 10, 2010 - FDIC: Clueless on MFA and ACH
March 10, 2010 - Mariposa Botnet Malware Found On Vodafone HTC Magic
March 10, 2010 - LifeLock Will Pay $12 Million to Settle Charges
March 8, 2010 - Microsoft Security Intelligence Report volume 7 (January - June 2009)
March 6, 2010 - Solera Partners with Security Nightmare
March 6, 2010 - Fault-Based Attack of RSA Authentication
March 4, 2010 - Regulators Revisit E-Banking Security Guidelines
March 4, 2010 - Mariposa held 800,000 identities
March 4, 2010 - Homeland Security is recruiting new cyber-warriors
March 4, 2010 - Microsoft wants to tax you for their slop
March 4, 2010 - SCADA Devices on Verizon and Other Wireless Networks
March 4, 2010 - Old Heartland Breach: New Fraud
March 1, 2010 - TicketMaster protocols bypassed, 1mil tickets nabbed
March 1, 2010 - DoD Embraces Hacker Cert to Protect US

Pushdo botnet launches huge SSL DDOS against numerous sites

A spamming botnet known for keeping a low profile has been hammering hundreds of Websites — including the CIA, Chase, Mozilla Labs, Twitter, SANS, Google Chrome, and the FBI — during the past week with an unusually conspicuous amount of phony traffic that has researchers rushing to analyze its next move.

The Pushdo botnet, a.k.a. “Cutwail” and “Pandex,” has been flooding those sites with bogus SSL connections that stop short of requesting anything from the Website. The infected bots begin to initiate an SSL connection with some “junk” traffic and then disconnect, according to The Shadowserver Foundation. Shadowserver and other researchers have been monitoring the activity, which increased traffic by several million hits across several hundred thousand IP addresses, according to Shadowserver.

Shadowserver Foundation – Calendar – 2010-01-29.

Posted: February 1st, 2010
at 5:09pm by spacerog

Categories: Breaking News

Comments: No comments

You must be logged in to post a comment.

<img src="/images/sbutt-twitter.gif" border="0">

Attrition.org's list of Certified Pre-0wned products http://bit.ly/9IZP5j <- more complete than ThreatPosts 06:37:23 AM March 11, 2010 from Tweetie
RT @aestetix: 2600 Magazine presents The Next HOPE: Call for Projects and Art (Hotel Penn, NYC, July 16-18 2010): http://tr.im/Rm48 05:36:40 PM March 10, 2010 from Twitterrific
RT @kpoulsen PayPal reportedly admits it blocked donations because it disapproves of Cryptome's mission http://bit.ly/9qIqwK 05:36:13 PM March 10, 2010 from Twitterrific
Chicopee MA town website defaced with Argentinean graffiti including dancing bananas http://tr.im/Rakk 06:41:33 AM March 09, 2010 from Tweetie
RT @SecurityBSides Planning to attend B-Sides Boston (Apr 24 & 25, right after @SOURCEBoston)? RSVP at http://bsidesboston.eventbrite.com/ 02:14:11 PM March 08, 2010 from Twitterrific

TOP OF THE STACK (NEW)

ZDI-CAN-689: Apple February 23, 2010
A High severity vulnerability discovered by 'wushi of team509' was reported to the affected vendor on: 2010-02-23, 14 days ago. Once the vendor has created and tested a patch we will coordinate the release of a public advisory. […]
ZDI-CAN-702: Apple February 23, 2010
A High severity vulnerability discovered by 'wushi of team509' was reported to the affected vendor on: 2010-02-23, 14 days ago. Once the vendor has created and tested a patch we will coordinate the release of a public advisory. […]
ZDI-CAN-711: Apple February 23, 2010
A High severity vulnerability discovered by 'wushi of team509' was reported to the affected vendor on: 2010-02-23, 14 days ago. Once the vendor has created and tested a patch we will coordinate the release of a public advisory. […]

RECENTLY POPPED OFF (FIXED)

ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability March 9, 2010
This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Hewlett-Packard Performance Insight. Authentication is not required to exploit this vulnerability. […]
ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability March 9, 2010
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious file. […]
ZDI-10-024: Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability March 2, 2010
This vulnerability allows remote attackers to deny services on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. […]

WEBSITE READERSHIP

Countries	Visits	Pageviews
United States	13726 (54)	24740 (58)
Canada	1283 (5)	1950 (5)
United Kingdom	1233 (5)	1907 (4)
Germany	857 (3)	1336 (3)
India	575 (2)	833 (2)
France	462 (2)	740 (2)
Australia	383 (2)	556 (1)
Sweden	329 (1)	476 (1)
Italy	326 (1)	444 (1)
Brazil	324 (1)	446 (1)

Total Countries:	162
Total Visits:	25432
Total Pageviews:	42845

HACKER INTEREST

Search the PopSci Archives March 8, 2010
OK – For a minute there I was thinking Google was trying to confuse me – do I love them or hate them? Now I realize they’re profitting off their platform, it’s Popular Science that’s giving us the content. An awesome development! [Popular Science] partnered with Google to offer our entire 137-year archive for free browsing. [...] […]
DIY USB oscilloscope March 6, 2010
Here’s a USB oscilloscope project from a few years back. It’s easy to build on a single-sided PCB and very cheap because it uses just a handful of parts. At the center, an ATtiny45 microcontroller uses its ADC capabilities for the two traces and also handles the USB connectivity. The internal oscillator is used and [...] […]
Some Interesting Tools Released March 4, 2010
Imposter Imposter is a flexible framework to perform Browser Phishing attacks. The lists of attacks performed are: Steal cookies Set cookies Steal Local Shared Objects Steal stored passwords from FireFox Steal cached files Poison browser cache Steal files from the victim’s local file system through Internet Explorer Run SQL queries on the victim’s Google Gea […]
FINALLY – A “TOP” list we can agree with February 26, 2010
There have been a LOT of lame “Top Security” lists lately. Some start off as a self-serving stroke-fest, others degrade into that as the votes get rigged. While ChannelWeb didn’t get everyone out there, for once we’re seeing a list that goes outside social circles, the Twittersphere, and some n00b’s limited view of the world. [...] […]

CLASSIFIEDS

HELP WANTED: Java/Ruby/Django Developer March 8, 2010
Aftershock is looking for great developers to join our team. http://www.aftershocksf.com/ Web Application Developers: Java, Ruby on Rails, or Django About Aftershock: We make software for mobile devices, we’ve launched 2 apps that made it into the Top 5 of the iTunes App Store. We’ve launched more than 10 apps that have been downloaded cumulatively more than […]
HELP WANTED: HNNCast January 17, 2010
HNN is looking for “on-air talent”. We have studios in NYC and Boston or we can work with you remotely. Looking for various commitments from one-time to ongoing. Submit head-shot and/or audition tape with contact information to tan@hackernews.com. We’re also always looking for graphics contributions from our fans. Send us [...] […]
DataLoss DB and OSVDB Winter Fundraiser January 8, 2010
Good morning all. The Open Security Foundation is pleased to announce that we’re kicking off our first public fundraiser. The goal is to raise $9500 this quarter. The funds will go to supporting development of the site over the next few months, as well as ongoing maintenance, Freedom of Information Act requests, and other ongoing [...] […]

Avatars by Sterling Adventures

Site last updated March 10, 2010 @ 8:25 pm; This content last updated January 13, 2010 @ 8:16 pm

Your cart is empty
Visit The Shop

Pushdo botnet launches huge SSL DDOS against numerous sites

Leave a Reply

GOOGLE ADS

<img src="/images/sbutt-twitter.gif" border="0">

FOLLOW

HNN MERCHANDISE

TOP OF THE STACK (NEW)

RECENTLY POPPED OFF (FIXED)

ADVERTISEMENT

WEBSITE READERSHIP

PODCAST VIEWERSHIP

HNN IS SPONSORED BY…

CONS CALENDAR

Upcoming Events

THE DEFINITIVE LIST OF…

HACKER INTEREST

CLASSIFIEDS

FEED YOUR NEED FOR MORE

Your cart is emptyVisit The Shop

Pushdo botnet launches huge SSL DDOS against numerous sites

Leave a Reply

GOOGLE ADS

<img src="/images/sbutt-twitter.gif" border="0">

FOLLOW

HNN MERCHANDISE

TOP OF THE STACK (NEW)

RECENTLY POPPED OFF (FIXED)

HOT TOPICS ON HNNCAST

ADVERTISEMENT

WEBSITE READERSHIP

PODCAST VIEWERSHIP

HNN IS SPONSORED BY…

CONS CALENDAR

Upcoming Events

THE DEFINITIVE LIST OF…

HACKER INTEREST

CLASSIFIEDS

FEED YOUR NEED FOR MORE

Your cart is empty
Visit The Shop