AskCyberSecurity.com

Cyber Security News & Information


Saturday Sitrep: KashmirBlack

2020-10-31 by Max

The concept of a “botnet” (a collection of devices infected with software that brings them into the ‘net and allows all ‘net members to act in concert) is nothing new, but how botnets have been implemented and used in recent years has been changing. The EternalBlue attack, which successfully went after healthcare facilities, leveraged devices that had historically been ignored by security programs, such as security cameras and other devices that wouldn’t register as “a computer” to most people.

Botnets, like ransomware, rely on a home server, or servers, to coordinate the actions of each piece of the ‘net, which makes the whole thing vulnerable to decapitation. Security professionals often look to destroy the command and control structure of an attack first, as the entire botnet can be rendered toothless by removing its ability to act. This gives additional time to come up with a solution that removes the infection from the members of the ‘net, as they are no longer able to receive software updates or adapt to the efforts of the security professionals.

However, modern botnets are much more flexible and are capable of limited autonomous operations even when cut off from headquarters, and that headquarters is becoming further decentralized. While the KashmirBlack botnet does use servers for command and control, it also leverages cloud servers, like those used by Dropbox, to send commands. This hardens its control infrastructure against removal by distributing the command functions through public infrastructure, which means any attempt at removal must be more precisely tuned. Further, it allows the ‘net to hide its size and the commands being sent by traveling with the normal traffic that comes out of Dropbox. After all, it would not be unusual for a computer to be connected to Dropbox or to send/receive large files to/from them. This camouflage further extends KashmirBlack’s life expectancy and increases the danger it poses. While the KashmirBlack ‘net so far appears to be used for crypto-mining, spam, and expanding the ‘net, there’s nothing stopping it from being used for more dangerous attacks or being sold to another entity that would use it for more damaging purposes.
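Because the traffic blends in with ordinary Dropbox use, a defender has to ask which hosts are talking to Dropbox and how, rather than whether anyone is. The sketch below is an added example, not from the original article: it flags unsanctioned hosts in a proxy log and marks those polling at machine-like intervals. The log format, host names, sanctioned-host inventory and thresholds are all assumptions, and the article does not describe what KashmirBlack's Dropbox traffic actually looks like.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Dropbox API hostnames; everything else below is constructed for illustration.
DROPBOX_HOSTS = {"api.dropboxapi.com", "content.dropboxapi.com"}
# Hypothetical inventory: hosts where a Dropbox client is sanctioned.
SANCTIONED = {"laptop-17"}

# Constructed proxy log: ISO timestamp, source host, destination host, bytes out.
SAMPLE_LOG = """\
2020-10-31T10:00:00 web-03 api.dropboxapi.com 412
2020-10-31T10:05:01 web-03 api.dropboxapi.com 398
2020-10-31T10:10:00 web-03 api.dropboxapi.com 405
2020-10-31T10:14:59 web-03 api.dropboxapi.com 410
2020-10-31T10:20:00 web-03 api.dropboxapi.com 401
2020-10-31T10:01:12 laptop-17 content.dropboxapi.com 5242880
2020-10-31T10:02:40 laptop-17 api.dropboxapi.com 920
2020-10-31T10:31:05 laptop-17 content.dropboxapi.com 73400320
2020-10-31T10:03:00 web-03 updates.example.org 300
2020-10-31T10:07:30 db-01 api.dropboxapi.com 350
2020-10-31T10:48:10 db-01 api.dropboxapi.com 9000
"""

def find_suspects(log_text, min_events=4, max_jitter=0.1):
    """Return {host: reason} for unsanctioned hosts talking to Dropbox."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, src, dst, _bytes_out = parts
        if dst in DROPBOX_HOSTS:
            times[src].append(datetime.fromisoformat(ts))
    suspects = {}
    for src, stamps in times.items():
        if src in SANCTIONED:
            continue  # expected Dropbox user; out of scope for this check
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        # Low coefficient of variation in the gaps = machine-like polling.
        if (len(stamps) >= min_events and mean(gaps) > 0
                and pstdev(gaps) / mean(gaps) <= max_jitter):
            suspects[src] = "periodic"
        else:
            suspects[src] = "unsanctioned"
    return suspects

if __name__ == "__main__":
    print(find_suspects(SAMPLE_LOG))
```
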

Filed Under: News

About Max

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.


Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC
