Cybersecurity researchers take down DDoS botnet by accident

Gandalf_The_Grey

Level 79
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,844
While analyzing its capabilities, Akamai researchers have accidentally taken down a cryptomining botnet that was also used for distributed denial-of-service (DDoS) attacks.

As revealed in a report published earlier this month, the KmsdBot malware behind this botnet was discovered by members of the Akamai Security Intelligence Response Team (SIRT) after it infected one of their honeypots.

KmsdBot targets Windows and Linux devices with a wide range of architectures, and it infects new systems via SSH connections that use weak or default login credentials.

Compromised devices are being used to mine for cryptocurrency and launch DDoS attacks, with some of the previous targets being gaming and technology companies, as well as luxury car manufacturers.

Unfortunately for its developers and luckily for the device owners, the botnet doesn't yet have persistence capabilities to evade detection.

However, this means the malware has to start all over if it's detected and removed or it malfunctions in any way and loses its connection to the command-and-control (C2) server.
 

shivam90

New Member
Feb 9, 2023
0
It's not uncommon for cybersecurity researchers to stumble upon and take down a botnet while conducting research or investigating cyber threats. Botnets are network (n/w) of infected computers that are controlled by a single entity and used to launch large-scale distributed denial of service (DDoS) attacks or spread malware. When a researcher finds a botnet, they may choose to take it down to prevent it from being used for malicious purposes, even if it wasn't the original intent of their research.

Taking down a botnet requires a deep understanding of its infrastructure and operations, as well as the ability to disrupt its command and control servers. In some cases, researchers may work with law enforcement agencies to shut down the botnet and identify the individuals behind it.

While taking down a botnet can be a major accomplishment for researchers, it's important to remember that there will always be new threats emerging, and the battle against cybercrime is never truly won. Nevertheless, the work of cybersecurity researchers plays a critical role in keeping the internet safe and secure for all users.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top