Deconstructing a zombie army of compromised computers — commonly known as a botnet — can tell you a lot about the security weaknesses across a range of digital infrastructure. The unpatched machines the botnet preys on, the protocols it uses, and the malicious code it distributes come into sharp focus. A new study of the MyKings botnet — a notorious horde of computers that has netted crooks some $3 million — by antivirus firm Sophos highlights how Windows servers are vulnerable to a range of attacks from the botnet. The MyKings botnet, also known as Smominru, is like a mash-up of recent security trends: it has been used to mine cryptocurrency, it has taken advantage of users’ failure to patch their systems, and it has employed a software exploit released by the Shadow Brokers. MyKings’ authors have also started experimenting with steganography — an increasingly popular technique in which hackers hide […]
The post The anatomy of the MyKings botnet, and why it matters for security appeared first on CyberScoop.