Bitdefender Says Pushdo Botnet Infected More Than 76,000 Machines
The Pushdo botnet is much bigger than initially expected: security firm Bitdefender has found that it spans more than 76,000 infected machines connecting to domains under the firm's control, according to news published by softpedia.com on July 21, 2014.
Bitdefender provided information about a new Pushdo malware variant during the last week of July 2014, stating that the new strain came with a new DGA (domain generation algorithm) and used different private and public keys for its encrypted communication with the command and control (C2) server.
Bitdefender recently reported that more and more computers are being infected by the malware: 784,000 requests were recorded on Monday, July 21, 2014, coming from 76,433 unique IP (Internet Protocol) addresses.
The security company purchased the domains to which these machines connect, based on the list produced by the domain generation algorithm built into Pushdo.
The information comes from Bitdefender's sinkholing of the Pushdo domains. At the start of the operation, the firm saw 2,336 IP addresses contacting the attackers' systems and waiting for instructions within an interval of less than three hours.
Bitdefender's data showed that most infections had been spotted in India (4,215), Vietnam (3,637), the United States (2,153), Argentina (2,075), Turkey (2,045), Mexico (1,811), Indonesia (1,755), Iran (1,561), Italy (1,393) and Thailand (1,107). Hundreds of infections had been detected in Taiwan, the Philippines, Egypt, Brazil, Peru, France, Malaysia, Russia, South Africa, Colombia, Pakistan, Poland, China, Spain, South Korea, Germany, the UK and Japan.
Bitdefender says that, as per the latest count, the botnet still has its centre of gravity in Asia, with India (21,768) the most affected nation, closely followed by Vietnam (20,043), the Islamic Republic of Iran (9,787), the United States (9,001), Turkey (8,865), Indonesia (8,240), Thailand (8,062), Argentina (6,212), Peru (5,828) and Mexico (5,447).
Bitdefender.com published news during the last week of July 2014 quoting Doina Cosovan, a researcher with Bitdefender: "On the whole, we believe this is a rather wide-spread botnet with a competent command and control system as symbolized by very fast switchover to usage of new DGA."
» SPAMfighter News - 8/7/2014