Researchers take down KmsdBot malware

Share post:

Akamai reported that during ongoing research on the KmsdBot, a syntax error caused the bot to stop sending commands, effectively killing the botnet, resulting in the end of the cryptomining botnet that was also used for distributed denial-of-service (DDoS) attacks.

Akamai researchers previously published a blog post about the KmsdBot, a cryptomining botnet with command-and-control capabilities that infected victims through SSH and weak credentials. After infecting one of Akamai’s honeypots, the Akamai team analyzed and reported on KmsdBot.

The KmsdBot infects new systems via SSH connections that use weak or default login credentials. It targets Windows and Linux devices with a wide range of architectures. KmsdBot, a Golang-based virus, has been discovered attacking a variety of businesses, including gambling, luxury vehicle brands, and security agencies. The botnet, according to researchers, infects systems via an SSH connection that uses weak login credentials. To avoid detection, the malware does not remain persistent on the infected system.

The malware gets its name from an application called “kmsd.exe” that is downloaded from a remote server after a successful penetration. It is also designed to support a wide range of architectures, including Winx86, Arm64, MIPS, and x86 64.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

The US government and Its Microsoft dependency: A cybersecurity dilemma

Microsoft's series of high-profile cybersecurity failures has once again spotlighted the complex relationship between the tech giant and...

Gen Z prefers social media over Google for initial searches

A significant shift in search habits is underway among young internet users, with Gen Z increasingly turning to...

The race to harness AI in big banks heats up

The journey to harness Artificial Intelligence (AI) within the U.S. banking sector is proving to be a formidable...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways