Endpoint Protection

  • 1.  Pushdo Botnet

    Posted Feb 02, 2010 09:47 PM

    Hello Folks,

    There seems to be a new type of botnet called Pushdo. See the Synopsis and Impact below.


    Has anyone encountered this type of botnet before?
    Does Symantec have any form of protection against the botnet mentioned below?



    Synopsis:

    ---------

    Pushdo is a botnet primarily used for spamming. Recently it has been observed launching Distributed Denial of Service (DDoS) attacks against certain SSL-enabled websites. The Pushdo malware is also known as Pandex and some components are known as Cutwail.

    Impact:

    -------

    Endpoints are the target of this malware. Infection means complete compromise of the target system, which may lead to exposure of confidential information, loss of productivity, and further network compromise. Pushdo is a botnet primarily used for spamming. Recently it has been observed launching Distributed Denial of Service (DDoS) attacks against certain well-known SSL-enabled websites. The Pushdo malware is also known as Pandex and some components are known as Cutwail.



  • 2.  RE: Pushdo Botnet

    Posted Feb 02, 2010 10:22 PM
    Pandex is Symantec's name for that Trojan. Here are the documents on each of those:

    Writeup: Trojan.Pandex
    Writeup URL: http://www.symantec.com/business/security_response/writeup.jsp?docid=2007-042001-1448-99

    Writeup: Trojan.Pandex!gen1
    Writeup URL: http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-100817-2451-99

    Hope that helps,
    Enik