Pushdo trojan infected hosts were updated in early 2010 to initiate a steady stream of SSL connections to dozens of stable and well known websites. The SSL sessions do not request any valid web content and quickly abort each session. Initial investigations by others has detailed the profile of these so-called "junk" SSL sessions. The traffic increase to websites as a result of the updated trojan does not appear to be significantly affecting most sites, but has been noticed by many of the targeted website operators and the activity has been covered by the media. DRG has been making a concerted effort to study and analyze this change in behavior as well as help make available infection data to qualified third parties for remediation purposes. DRG research, analysis and references regarding Pushdo are shown below. General inquiries are welcome. Send email to firstname.lastname@example.org.