Malware, Endpoint/Device Security

Updated KmsdBot malware emerges

Internet of things devices have been subjected to attacks with a new version of the KmsdBot botnet malware, which has been enhanced with Telnet scanning and more extensive CPU architecture support, reports The Hacker News. After generating a random IP address, the botnet's Telnet scanner tries to establish a connection with the IP address' port 23 while verifying the presence of data in the receiving buffer, an Akamai report revealed. Attacks are then facilitated by a text file that includes weak passwords that could be leveraged to compromise various IoT devices, particularly those that continue to have their default credentials. "From a technical perspective, the addition of telnet scanning capabilities suggests an expansion in the botnet's attack surface, enabling it to target a wider range of devices. Moreover, as the malware evolves and adds support for more CPU architectures, it poses an ongoing threat to the security of internet-connected devices," wrote Akamai security researcher Larry Cashdollar.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.