Scrabblous writes "This eweek.com article provides a peek at the backend code and control server associated with Pushdo, a complex Trojan downloader that meticulously tracks its victims. From the article: For starters, the Pushdo controller uses the GeoIP geolocation database in conjunction with whitelists and blacklists of country codes to allow the malware distributor to limit one of the malware loads from infecting users located in a particular country. It also goes a step further, logging the victim's primary hard drive serial number, tracking whether the file system is NTFS, the number of times the victim system has launched a Pushdo variant, and the Windows OS version that executed the malware."
I thought the malware distribution system was Vista off the shelf. It contains just about everything for distributing malware, but if you really want to distribute it as quickly as possible then it's best to attach the box to a chair and Ballmer will throw it in the general direction of the target system. This is a known and proven approach to getting malware onto a target.
Interesting (Score:1)