Once-prolific Pushdo botnet crippled

Security researchers have disrupted the botnet known as Pushdo, a coup that over the past 48 hours has almost completely choked the torrent of junkmail from the once-prolific spam network. Researchers from the security intelligence firm LastLine said that they identified a total of 30 servers used as Pushdo command and control …

COMMENTS

This topic is closed for new posts.
  1. JoeyG
    Pirate

    There is a solution.

    Send someone out to put a bullet in those servers. I know just the man for the job...and it seems the FBI does, too.

    Pirate because there's no cowboy flag.

    1. Jimbo in Thailand
      Coat

      Re: There is a solution

      A more permanent solution would be to put a bullet in the servers' server. I'm sure there would be many volunteers.

      - Now which pocket did I leave the silencer in?

  2. M Gale
    Alert

    Browsing in Chrome...

    "You attempted to reach anubis.iseclab.org, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site."

    1. Anonymous Coward
      Anonymous Coward

      yep, self-signed

      and not even by an internal CA.....cheapo MFs.

    2. JohnG

      Re: Browsing in Chrome...

      Don't panic - they've generated their own certificate. You can remove the "s" from "https" in the URL and everything will work (but without the encryption).

  3. Anonymous Coward
    Grenade

    what I want is

    A list of the ISPs. Make everything public.

  4. Gerhard Mack

    Easy fix.

    Just black hole all net blocks owned by the ISPs that refused to disconnect.

  5. Anonymous Coward
    Anonymous Coward

    Ignored?

    So for those providers who ignored requests to disconnect the spammers, why not just black-hole /all/ traffic from them? See how long they survive being ignored by the 'net, before their other customers leave them.

  6. lglethal Silver badge
    Grenade

    Name and Shame...

    The Whitehats need to publicly name and shame all of the hosts which refuse to co-operate when shown the data and participate in the takedown.

    Additionally, all of the upstream providers of these hosts should be informed and shown the data, as they are really the only ones with leverage over the lower tiers. Removal of your ability to provide internet to your customers is a pretty good lever to get an ISP into line.

    It would also then be pertinent to hand over the data to local police authorities. In Western countries I'm sure you could get a response against these ISPs for hosting spam/malware/virus servers/etc. In the rest of the world probably not so much action will be taken, but at least we can hope that in the more corrupt countries the local poli's will start demanding a cut for turning their back and so make it slightly less profitable to host these bastards...

    Just an idea...
