Cryptomining, DDoS attacks launched by novel KmsdBot malware

Numerous security firms, gaming companies, and luxury car manufacturers have been targeted by the new KmsdBot malware, which uses the Secure Shell cryptographic protocol to facilitate cryptocurrency mining and distributed denial-of-service attacks, The Hacker News reports. Various architectures including Winx86, mips64, Arm64, and x86_64 are supported by the malware, which was derived from the "kmsd.exe" executable, which is downloaded after system compromise, a report from the Akamai Security Intelligence Response Team revealed. Gaming firm FiveM, which offers a Grand Theft Auto V multiplayer mod, was the initial target of KmsdBot, which has been found not only to allow self-propagation and malware updating capabilities but also to enable Layer 4 and Layer 7 DDoS attacks. "This botnet is a great example of the complexity of security and how much it evolves. What seems to have started as a bot for a game app has pivoted into attacking large luxury brands," said Akamai researcher Larry Cashdollar.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.