uses:Go
attack:T1133:External Remote Services
attack:T1021:Remote Services
attack:T1021.004:SSH
attack:T1078.001:Default Accounts
attack:T1110:Brute Force
attack:T1095:Non-Application Layer Protocol
attack:T1048:Exfiltration Over Alternative Protocol
attack:T1567:Exfiltration Over Web Service
attack:T1499:Endpoint Denial of Service
attack:T1498:Network Denial of Service
attack:T1480:Execution Guardrails
Area
Malware reports
Parent threat
Reconnaissance, Initial Access, Defense Evasion, Lateral Movement, Exfiltration, Impact
Finding
https://www.akamai.com/blog/security-research/updated-kmsdbot-binary-targeting-iot
Industry reference
uses:Go attack:T1133:External Remote Services attack:T1021:Remote Services attack:T1021.004:SSH attack:T1078.001:Default Accounts attack:T1110:Brute Force attack:T1095:Non-Application Layer Protocol attack:T1048:Exfiltration Over Alternative Protocol attack:T1567:Exfiltration Over Web Service attack:T1499:Endpoint Denial of Service attack:T1498:Network Denial of Service attack:T1480:Execution Guardrails
Malware reference
Kmsdbot
Actor reference
No response
Component
Linux, IOT
Scenario
No response