Security News > 2022 > November > New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks
A newly discovered evasive malware leverages the Secure Shell cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service attacks.
Dubbed KmsdBot by the Akamai Security Intelligence Response Team, the Golang-based malware has been found targeting a variety of companies ranging from gaming to luxury car brands to security firms.
It's also equipped to control the mining process and update the malware.
Akamai said the first observed target of the malware was a gaming company named FiveM, a multiplayer mod for Grand Theft Auto V that allows players to access custom role-playing servers.
The DDoS attacks observed by the web infrastructure company include Layer 4 and Layer 7 attacks, wherein a flood of TCP, UDP, or HTTP GET requests are sent to overwhelm a target server's resources and hamper its ability to process and respond.
Nearly half of the analyzed samples of malicious mining software secretly mine Monero.
News URL
https://thehackernews.com/2022/11/new-kmsdbot-malware-hijacking-systems.html
Related news
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)
- Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps (source)
- Recently patched CUPS flaw can be used to amplify DDoS attacks (source)
- Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors (source)
- Largest Recorded DDoS Attack is 3.8 Tbps (source)
- New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (source)
- Crypto-stealing malware campaign infects 28,000 people (source)