Pushdo Sinkholing Continues, Size of Problem now Apparent

The sinkholing of Pushdo C&C domains continues and it has become apparent that the botnet is of quite sizeable proportions and pretty well spread globally – although some interesting prevalence patterns can be discerned in the new map provided by Bitdefender researchers, summarizing the connection attempts in the past 24 hours.

Pushdo global distribution map by unique IPs

As can be seen, Asia is the most affected continent, in a sharp departure from the spreading patterns of other botnets which simply stay proportional with Internet connectivity in the affected countries.

The most affected countries, by number of unique IPs attempting to connect for the past day, are, in order:

Vietnam	1319
India	1297
Indonesia	610
United States	559
Turkey	507
Iran, Islamic Republic of	402
Thailand	345
Argentina	315
Italy	302
Mexico	274

The research project is still ongoing and further data will be made available in the following days.

Tagspushdo

About the author

View All Posts

Razvan STOICA

Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking. Razvan Stoica started off writing for a science monthly and was the chief editor of a science fiction magazine for a short while before moving on to the University of Medicine in Bucharest where he lectured on the English language. Recruited by Bitdefender in 2004 to add zest to the company's online presence, he has fulfilled a bevy of roles within the company since. In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.

2 Comments

Click here to post a comment

Massive Botnet Attacks Overnight: watch live! | The Cryptosphere says:

July 24, 2014 at 3:03 am

[…] attacks may also be related to the fast-growing Pushdo trojan, which infected 11,000 new machines in the last 24 hours, primarily in Asia and the […]
New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours | TechnoXperts says:

July 26, 2014 at 9:15 am

[…] Turkey, but systems in the United Kingdom, France and the United States have also been targeted, according to the security software firm […]

Pushdo Botnet Tops 40k

New Pushdo Variant Surfaces

Annabelle Ransomware decryption tool

GandCrab Ransomware decryption tool

Bitdefender Ransomware Recognition Tool

RadRAT: An all-in-one toolkit for complex espionage ops

Operation PZChao: a possible return of the Iron Tiger APT

Terdot: Zeus-based malware strikes back with a blast from the past

Annabelle Ransomware decryption tool

GandCrab Ransomware decryption tool

Bitdefender Ransomware Recognition Tool

RadRAT: An all-in-one toolkit for complex espionage ops

Operation PZChao: a possible return of the Iron Tiger APT

Terdot: Zeus-based malware strikes back with a blast from the past

Annabelle Ransomware decryption tool

GandCrab Ransomware decryption tool

Bitdefender Ransomware Recognition Tool

RadRAT: An all-in-one toolkit for complex espionage ops

Operation PZChao: a possible return of the Iron Tiger APT

Terdot: Zeus-based malware strikes back with a blast from the past

Pushdo Sinkholing Continues, Size of Problem now Apparent

About the author

Razvan STOICA

2 Comments

Recent posts

You may also like

About the author

Razvan STOICA

2 Comments

We mostly write about

Recent posts