• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
researchers 'accidentally' crash kmsdbot cryptocurrency mining botnet network

Researchers ‘Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network

You are here: Home / General Cyber Security News / Researchers ‘Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network
December 1, 2022

An ongoing examination into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it getting unintentionally taken down.

KmsdBot, as christened by the Akamai Security Intelligence Response Group (SIRT), came to gentle mid-November 2022 for its capability to brute-force systems with weak SSH credentials.

The botnet strikes the two Windows and Linux equipment spanning a large selection of microarchitectures with the principal aim of deploying mining software program and corralling the compromised hosts into a DDoS bot.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


CyberSecurity

Some of the significant targets involved gaming corporations, technology companies, and luxurious motor vehicle companies.

Akamai researcher Larry W. Cashdollar, in a new update, spelled out how instructions despatched to the bot to recognize its operation in a controlled setting inadvertently neutralized the malware.

Cryptocurrency Mining Botnet Network

“Curiously, right after just one solitary improperly formatted command, the bot stopped sending instructions,” Cashdollar reported. “It truly is not just about every day you come throughout a botnet that the danger actors on their own crash their very own handiwork.”

This, in turn, was built attainable owing to the deficiency of an error-checking mechanism crafted into the source code to validate the gained instructions.

Especially, an instruction issued devoid of a room involving the concentrate on web-site and the port brought about the total Go binary running on the infected machine to crash and stop interacting with its command-and-regulate server, correctly killing the botnet.

The point that KmsdBot isn’t going to have a persistence mechanism also signifies that the malware operator will have to re-infect the machines once more and re-establish the infrastructure from scratch.

“This botnet has been likely right after some pretty massive luxury brands and gaming organizations, and still, with 1 failed command it simply cannot continue,” Cashdollar concluded. “This is a powerful instance of the fickle mother nature of technology and how even the exploiter can be exploited by it.”

Found this post appealing? Observe us on Twitter  and LinkedIn to browse extra exclusive content we write-up.


Some elements of this posting are sourced from:
thehackernews.com

Previous Post: «Cyber Security News LastPass Reveals Another Customer Data Breach
Next Post: Researchers Accidentally Crash Cryptomining Botnet Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support
  • The IT Pro Podcast: Going passwordless
  • Podcast transcript: Going passwordless

Copyright © TheCyberSecurity.News, All Rights Reserved.