Botnet attacks CIA website

Hundreds of websites including the CIA and the FBI are being hit by a botnet which floods them with junk data.

Other victims include Microsoft, Google, Twitter and PayPal.

According to security researcher Steven Adair,  the culprit is the Pushdo botnet.

“It seems the Pushdo botnet recently made changes to its code to cause infected nodes to create junk SSL connections to approximately 315 different websites,” he says.

“The bots seem to start to initiate an SSL connection and a bit of junk to the websites and then disconnect. They do not actually request an resources from the website or do anything else other than repeat the cycle periodically.”

While the scale of the attack doesn’t really amount to a DDoS attack, smaller sites could slow down or fall over as a result. Adair says there’s not much point changing IP address Pushdo is in most cases using hostnames.

Pushdo – aka Pandex or Cutwail – has been causing problems since 2007, generally distributing the Wigon rootkit and Cutwail spam Trojan.