Pushdo Sinkholing Continues, Size of Problem now Apparent
The sinkholing of Pushdo C&C domains continues and it has become apparent that the botnet is of quite sizeable proportions and pretty well spread globally – although some interesting prevalence patterns can be discerned in the new map provided by Bitdefender researchers, summarizing the connection attempts in the past 24 hours.
Pushdo global distribution map by unique IPs
As can be seen, Asia is the most affected continent, in a sharp departure from the spreading patterns of other botnets which simply stay proportional with Internet connectivity in the affected countries.
The most affected countries, by number of unique IPs attempting to connect for the past day, are, in order:
| Vietnam | 1319 |
| India | 1297 |
| Indonesia | 610 |
| United States | 559 |
| Turkey | 507 |
| Iran, Islamic Republic of | 402 |
| Thailand | 345 |
| Argentina | 315 |
| Italy | 302 |
| Mexico | 274 |
The research project is still ongoing and further data will be made available in the following days.
Related posts
Aug.18.2016
in Anti-Malware Research , by Alexandra GHEORGHE
Hackers Can Use Smart Sockets to Shut Down Critical Systems
Jul.05.2016
in Anti-Malware Research , by Alexandra GHEORGHE
New Backdoor Allows Full Access to Mac Systems, Bitdefender Warns
Jul.01.2016
in Anti-Malware Research , by Razvan Stoica
Pacifier APT - two years and counting
Jun.08.2016
in Anti-Malware Research , by Alexandra GHEORGHE
Bitdefender Stops ZCrypt Worm-Like Ransomware
May.26.2016
in Uncategorized , by Liviu Arsene
2 Responses to Pushdo Sinkholing Continues, Size of Problem now Apparent