According to security researcher Steven Adair, the culprit is the Pushdo botnet.
"It seems the Pushdo botnet recently made changes to its code to cause infected nodes to create junk SSL connections to approximately 315 different websites," he says.
"The bots seem to start to initiate an SSL connection and a bit of junk to the websites and then disconnect. They do not actually request an resources from the website or do anything else other than repeat the cycle periodically."
Pushdo botnet flooding 315 websites
Posted on Tuesday, February 02 2010 @ 17:14 CET by Thomas De Maesschalck
TG Daily reports the Pushdo botnet is flooding about 315 different websites with junk SSL connections, victims include the CIA, FBI, Microsoft, Google, Twitter, PayPal and many other firms.