November 5, 2014, 12:00 am
in Anti-Malware Research, by Exploits Team

Over the past few months we’ve been monitoring the Rovnix botnet (other AV vendors call it papras/ursnif/gozi). As infection vectors, we have observed pay-per-install campaigns as well as the Andromeda malware. We have analyzed the malware’s DGA, sinkholed it, …

August 27, 2014, 2:53 pm
in Anti-Malware Research, by Bianca Stanescu

With the Ukrainian conflict in mind, an alleged hacker community from Russia installs data-stealing malware on users’ machines by pretending the software was designed to attack Western governments. Oddly enough, over 40 per cent of the infected servers are in …

July 30, 2014, 1:20 pm
in Anti-Malware Research, by Razvan Stoica

Further sinkholing by the Bitdefender research team saw the Pushdo bots calling home from a surprising 183.909 unique IP addresses, spread all over the world.

July 18, 2014, 12:13 pm
in Anti-Malware Research, by Razvan Stoica

According to Bitdefender researchers who are monitoring the sinkholed Pushdo domains, the bots have made no fewer than 499.389 requests, from 45.053 unique IP addresses, in an interval of 48 hours, giving a more precise sense of the total size …

Comments Off on Pushdo Botnet Tops 40k