Cybersecurity researchers take down DDoS botnet by accident

Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,233
Content source
https://www.bleepingcomputer.com/news/security/cybersecurity-researchers-take-down-ddos-botnet-by-accident/
While analyzing its capabilities, Akamai researchers have accidentally taken down a cryptomining botnet that was also used for distributed denial-of-service (DDoS) attacks.

As revealed in a report published earlier this month, the KmsdBot malware behind this botnet was discovered by members of the Akamai Security Intelligence Response Team (SIRT) after it infected one of their honeypots.

KmsdBot targets Windows and Linux devices with a wide range of architectures, and it infects new systems via SSH connections that use weak or default login credentials.

Compromised devices are being used to mine for cryptocurrency and launch DDoS attacks, with some of the previous targets being gaming and technology companies, as well as luxury car manufacturers.

Unfortunately for its developers and luckily for the device owners, the botnet doesn't yet have persistence capabilities to evade detection.

However, this means the malware has to start all over if it's detected and removed or it malfunctions in any way and loses its connection to the command-and-control (C2) server.
Click to expand...
www.bleepingcomputer.com

Cybersecurity researchers take down DDoS botnet by accident

While analyzing its capabilities, Akamai researchers have accidentally taken down a cryptomining botnet that was also used for distributed denial-of-service (DDoS) attacks.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: Berny, shivam90, Mercenary and 5 others
S

shivam90

New Member
Feb 9, 2023
0
It's not uncommon for cybersecurity researchers to stumble upon and take down a botnet while conducting research or investigating cyber threats. Botnets are network (n/w) of infected computers that are controlled by a single entity and used to launch large-scale distributed denial of service (DDoS) attacks or spread malware. When a researcher finds a botnet, they may choose to take it down to prevent it from being used for malicious purposes, even if it wasn't the original intent of their research.

Taking down a botnet requires a deep understanding of its infrastructure and operations, as well as the ability to disrupt its command and control servers. In some cases, researchers may work with law enforcement agencies to shut down the botnet and identify the individuals behind it.

While taking down a botnet can be a major accomplishment for researchers, it's important to remember that there will always be new threats emerging, and the battle against cybercrime is never truly won. Nevertheless, the work of cybersecurity researchers plays a critical role in keeping the internet safe and secure for all users.
 
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
KmsdBot Malware Now Targets IoT Devices with Enhanced Capabilities
Replies
1
Views
1,329
News Archive
Sandbox Breaker
Sandbox Breaker
MuzzMelbourne
    • Like
    • +Reputation
New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks
Replies
0
Views
1,011
News Archive
MuzzMelbourne
MuzzMelbourne
MuzzMelbourne
    • Like
    • +Reputation
Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices
Replies
2
Views
1,367
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top