Syntax errors are the doom of us all, including botnet authors

Enlarge / If you’re going to come at port 443, you best not miss (or forget to put a space between URL and port). (credit: Getty Images)

KmsdBot, a cryptomining botnet that could also be used for denial-of-service (DDOS) attacks, broke into systems through weak secure shell credentials. It could remotely control a system, it was hard to reverse-engineer, didn’t stay persistent, and could target multiple architectures. KmsdBot was a complex malware with no easy fix.

That was the case until researchers at Akamai Security Research witnessed a novel solution: forgetting to put a space between an IP address and a port in a command. And it came from whoever was controlling the botnet.

With no error-checking built in, sending KmsdBot a malformed command—like its controllers did one day while Akamai was watching—created a panic crash with an “index out of range” error. Because there’s no persistence, the bot stays down, and malicious agents would need to reinfect a machine and rebuild the bot’s functions. It is, as Akamai notes, “a nice story” and “a strong example of the fickle nature of technology.”

Read 3 remaining paragraphs | Comments

Blog

Empowering Your News Experience: Unveiling the Repithwin News Platform

Can you elaborate on the journey toward DevOps maturity and the role of Sirius360 in that process?

The Benefits of Receiving a Gay Massage

Best Beard Balm For You Beard

Repithwin: The Future of Innovation and Possibility

Revolutionizing Shareholder Voting with New Market Solutions