The Cyber Security News


Researchers Accidentally Crash Cryptomining Botnet

December 1, 2022

Security researchers analyzing a prolific botnet managed to accidentally kill it with the coding equivalent of a typing error, according to Akamai.

The cloud security company detected “KmsdBot” last month. The Golang-based bot is designed to conscript machines via SSH and weak credentials, and has the functionality to launch DDoS and cryptomining campaigns – targeting the gaming, technology and luxury car industries, among others.

Akamai decided to test some of the botnet’s command and control (C2) functionality as part of its research, so it set up a controlled environment by modifying a recent sample of KmsdBot to talk to an IP address in RFC 1918 address space.


“This allowed us to have a controlled environment to play around in – and, as a result, we were able to send the bot our own commands to test its functionality and attack signatures,” explained Akamai principal security intelligence response engineer Larry Cashdollar.

“Interestingly, after one single improperly formatted command, the bot stopped sending commands.”

The command in question was simply missing a space between the target website and the port, but it was enough to send the entire bot crashing down.

That is because, unfortunately for the bot herders, KmsdBot didn’t have error-checking built into its code to verify that commands are properly formatted.

“Because of this, an improperly formatted command will cause the Go binary to crash with a stack trace stating an ‘index out of range’ error. This is because the wrong number of arguments were supplied,” explained Cashdollar.

“This malformed command likely crashed all the botnet code that was running on infected machines and talking to the C2 – essentially, killing the botnet.”
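The failure mode described above is the generic Go bug of indexing the result of a split without checking its length, and any network service that parses untrusted lines this way can be crashed remotely in the same manner. The sketch below is an added example, not code from KmsdBot or Akamai: the `<verb> <host> <port>` layout, the function names and the sample input are all assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Command is a hypothetical "<verb> <host> <port>" line (assumed layout, not KmsdBot's protocol).
type Command struct{ Verb, Host string; Port int }

// parseUnchecked indexes fields without a length check: with host and port
// fused there are only two fields, so f[2] panics (index out of range).
func parseUnchecked(line string) Command {
	f := strings.Fields(line)
	port, _ := strconv.Atoi(f[2])
	return Command{f[0], f[1], port}
}

// parseChecked rejects a wrong field count or bad port with an error instead.
func parseChecked(line string) (Command, error) {
	f := strings.Fields(line)
	if len(f) != 3 {
		return Command{}, fmt.Errorf("want 3 fields, got %d", len(f))
	}
	port, err := strconv.Atoi(f[2])
	if err != nil || port < 1 || port > 65535 {
		return Command{}, fmt.Errorf("invalid port %q", f[2])
	}
	return Command{f[0], f[1], port}, nil
}

// crashes runs parseUnchecked and reports any panic and its message.
func crashes(line string) (crashed bool, msg string) {
	defer func() {
		if r := recover(); r != nil {
			crashed, msg = true, fmt.Sprint(r)
		}
	}()
	parseUnchecked(line)
	return false, ""
}

func main() {
	c, m := crashes("check example.com443") // constructed input: space missing
	_, err := parseChecked("check example.com443")
	fmt.Println("unchecked panicked:", c, m, "| checked error:", err)
}
```

In a real service the unrecovered panic terminates the whole process, which is why the length check (or a `recover` at the connection handler boundary) matters for availability.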

Even better for the Akamai team is the fact that the bot also did not have any ability to maintain persistence on an infected machine, so the group behind it will effectively now have to start from scratch by reinfecting machines.

“It’s not often we get this kind of story in security. In our world of zero days and burnout, seeing a threat that can be mitigated with the coding equivalent of a typo is a nice story,” Cashdollar concluded.

“This botnet has been going after some very large luxury brands and gaming companies, and yet, with one failed command it cannot continue.”


Some parts of this write-up are sourced from:
www.infosecurity-magazine.com
