1 min read

Pushdo Sinkholing Continues, Size of Problem now Apparent

Răzvan STOICA

July 16, 2014

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Pushdo Sinkholing Continues, Size of Problem now Apparent

The sinkholing of Pushdo C&C domains continues and it has become apparent that the botnet is of quite sizeable proportions and pretty well spread globally – although some interesting prevalence patterns can be discerned in the new map provided by Bitdefender researchers, summarizing the connection attempts in the past 24 hours.

Pushdo global distribution map by unique IPs
Pushdo global distribution map by unique IPs

As can be seen, Asia is the most affected continent, in a sharp departure from the spreading patterns of other botnets which simply stay proportional with Internet connectivity in the affected countries.

 

The most affected countries, by number of unique IPs attempting to connect for the past day, are, in order:

Vietnam 1319
India 1297
Indonesia 610
United States 559
Turkey 507
Iran, Islamic Republic of 402
Thailand 345
Argentina 315
Italy 302
Mexico 274

The research project is still ongoing and further data will be made available in the following days.

tags


Author



Right now

Top posts

LuminousMoth – PlugX, File Exfiltration and Persistence Revisited

LuminousMoth – PlugX, File Exfiltration and Persistence Revisited

July 21, 2021

9 min read
How We Tracked a Threat Group Running an Active Cryptojacking Campaign

How We Tracked a Threat Group Running an Active Cryptojacking Campaign

July 14, 2021

10 min read
A Note from the Bitdefender Labs Team on Ransomware and Decryptors

A Note from the Bitdefender Labs Team on Ransomware and Decryptors

May 26, 2021

2 min read
New Nebulae Backdoor Linked with the NAIKON Group

New Nebulae Backdoor Linked with the NAIKON Group

April 28, 2021

1 min read
Good riddance, GandCrab! We’re still fixing the mess you left behind.

Good riddance, GandCrab! We’re still fixing the mess you left behind.

June 17, 2019

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Digitally-Signed Rootkits
are Back – A Look at
FiveSys and Companions Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions
Cristian Alexandru ISTRATEBalazs BIRORareș Costin BLEOTUClaudiu COBLIȘ
1 min read
LuminousMoth – PlugX, File Exfiltration and Persistence Revisited LuminousMoth – PlugX, File Exfiltration and Persistence Revisited
Bogdan BOTEZATUVictor VRABIE
9 min read
Debugging MosaicLoader, One Step at a Time Debugging MosaicLoader, One Step at a Time
Janos Gergo SZELESBogdan BOTEZATU
1 min read