New Malware KmsdBot: The Attack And The Mine Malware
by Larry W. Cashdollar
The Akamai Security Intelligence Response Team (SIRT) is responsible for tracking, detecting, documenting, and publishing new discoveries to protect the security and stability of Akamai, Akamai’s customers, and the internet as a whole. As part of this mission, we have myriad honeypots spread over the internet. Members of the SIRT observe and analyze these honeypots, which leads to all sorts of cool findings and allows us to keep a pulse on what is happening in the wild.
What they discovered and how they did it.
This week, we began experimenting with a new honeypot configuration to see what else we could find, especially as we come into the holiday season. Since we have traditionally seen more malicious activity around this time of year, the new honeypot was left more open and accessible throughout the early stages of testing and modification. What better way to test it, right?
Sure enough, we found an interesting log entry: A cryptominer with distributed denial-of-service (DDoS) functionality tailored to the gaming industry. It’s not often we see these types of botnets actively attacking and spreading, especially ones written in Golang. The targets range from gaming companies to luxury car brands to security companies — this malware is almost erratic with regard to its targets.