An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down by the threat actors themselves.
KmsdBot, as christened by the Akamai Security Intelligence Response Team (SIRT), came to light mid-November 2022 for its ability to brute-force systems with weak SSH credentials.
The botnet strikes both Windows and Linux devices spanning a wide range of microarchitectures with the primary goal of deploying mining software and corralling the compromised hosts into a DDoS bot.
Some of the major targets included gaming firms, technology companies, and luxury car manufacturers.
Akamai researcher Larry W. Cashdollar, in a new update, explained how commands sent by the malware operators to carry out a DDoS attack against the bitcoin[.]com website inadvertently neutralized the malware.
images from Hacker News