Botnet Targets Web Sites With Junk SSL Connections - Slashdot

Slashdot

Botnet Targets Web Sites With Junk SSL Connections 64

Posted by kdawson on Monday February 01, 2010 @10:51PM
from the look-over-there dept.

angry tapir writes "More than 300 Web sites are being pestered by infected computers that are part of the Pushdo botnet. The FBI, Twitter, and PayPal are among the sites being hit, although it doesn't appear the attacks are designed to knock the sites offline. Pushdo appears to have been recently updated to cause computers infected with it to make SSL connections to various Web sites — the bots start to create an SSL connection, disconnect, and then repeat." SecureWorks's Joe Stewart theorizes that this behavior is designed to obscure Pushdo's command and control in a flurry of bogus SSL traffic.

This discussion has been archived. No new comments can be posted.

Botnet Targets Web Sites With Junk SSL Connections

Search 64 Comments Log In/Create an Account

Comments Filter:

The FBI has already apprehended the culprits (Score:1, Funny)

by The FBI (1717712) writes: on Tuesday February 02, 2010 @12:03AM (#30991430)

The FBI has apprehended the individuals responsible for the Pushdo botnet, but because the said individuals are minors, we have decided to file no charges if the said individuals apologized to everyone who had been negatively affected by the Pushdo botnet. Unfortunately, due to a typo, the said individuals issued a botnet command that is causing the botnet computers to keep trying to POST the following apology to the SSL port:
POST / HTTP/1.0
Referer: http://ir902.detention.fbi.gov/ [fbi.gov]
User-Agent: PushDo/1.0.1
Accept: */*
Content-type: application/x-www-form-urlencoded
Content-length: 1337
apology=We+apologize+for+any+inconvenience+our+childish+Pushdo+botnet+experiment+may+have+caused you.+Sincerely,+Billy+Pushman+and+Jimmy+Doe.

Share
twitter facebook linkedin
Re:From TFA (Score:4, Funny)

by siloko (1133863) writes: on Tuesday February 02, 2010 @12:29AM (#30991560) Homepage

most Slashdotters have fairly lax moral standards. Especially when it comes to computers.
Yes, essentially we are all evil . . . now where's that kitten? Er, sorry, I meant robotic, remote-controllable kitten with embedded linux firmware!?

Parent Share
twitter facebook linkedin
Re:And they say obfuscation isn't a good defense (Score:4, Funny)

by fm6 (162816) writes: on Tuesday February 02, 2010 @12:33AM (#30991588) Homepage Journal

Obfuscation isn't good security. But, as any politician will tell you, it's excellent defense.

Parent Share
twitter facebook linkedin
Re:SSL traffic (Score:4, Funny)

by JamesP (688957) writes: on Tuesday February 02, 2010 @07:23AM (#30993306)

I would bet that on them not being CMMI certified and not writing their viruses in java...

Parent Share
twitter facebook linkedin

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

546 commentsChanging the Ratio of Women In Tech: How Etsy Did It
332 commentsLast Forking Warning For Bitcoin
288 commentsResearcher Evan Booth: How To Weaponize Tax-Free Airport Goods
274 commentsBotched Security Update Cripples Thousands of Computers
234 commentsFedora 19 To Stop Masking Passwords

Your computer account is overdrawn. Please reauthorize.