Security News > 2022 > December > A Security Vulnerability in the KmsdBot Botnet

A Security Vulnerability in the KmsdBot Botnet
2022-12-15 12:10

With no error-checking built in, sending KmsdBot a malformed command­-like its controllers did one day while Akamai was watching­-created a panic crash with an "Index out of range" error.

Because there's no persistence, the bot stays down, and malicious agents would need to reinfect a machine and rebuild the bot's functions.

It is, as Akamai notes, "a nice story" and "a strong example of the fickle nature of technology."


News URL

https://www.schneier.com/blog/archives/2022/12/a-security-vulnerability-in-the-kmsdbot-botnet.html