3 Questions
What error did the KmsdBot controllers cause when controlling the botnet?
Index Out of Range Error
What is the best defense against KmsdBot?
Public key authentication
What language is KmsdBot written in?
Golang
Study Notes
- KmsdBot is a cryptomining botnet that could also be used for denial-of-service (DDOS) attacks.
- Researchers at Akamai Security Research noticed that, when controlling the botnet, its controllers forgot to put a space between an IP address and a port in a command. This caused a panic crash with an "index out of range" error.
- Because there's no persistence, the bot stays down, and malicious agents would need to reinfect a machine and rebuild the bot's functions.
- KmsdBot is an intriguing modern malware written in Golang.
- Almost all KmsdBot activity Akamai's firm was tracking has ceased, though the authors may be trying to reinfect systems again. Using public key authentication for secure shell connections, or at a minimum improving login credentials, is the best defense in the first place.
Test your knowledge about KmsdBot, a cryptomining botnet that can also be used for DDOS attacks, written in Golang and known for causing a panic crash due to a command error. Learn about the lack of persistence and the best defense mechanisms against it.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free