Botconf Author Listing

Allen West

Last known affiliation: Akamai Technologies, Inc.
Bio: Allen West is a Security Researcher on the Security Intelligence Response Team at Akamai Technologies, a Marine Corps Veteran, and a graduate of Northeastern University with a degree in Cyber Security Engineering. Allen is passionate about threat research, vulnerability hunting, and open-source programming, and loves to learn. He is currently pursuing his Master’s degree at Carnegie Mellon University in Information Security & Assurance and spends his downtime traveling, hiking, running, or anything outdoors and adventurous.
Date: 2023-04-12
A dissection of the KmsdBot
Larry W. Cashdollar 🗣 | Allen West 🗣

Abstract (click to view)

The presentation will document the KmsdBot discovered and documented by Larry Cashdollar and Allen West. We will discuss the initial discovery, static and dynamic code analysis, some reverse engineering techniques in regard to Go lang static binaries, the command and control protocol, code created to speak with the C2, the attack capabilities, and crypto mining functionality. We will then discuss how the bot spreads and infects targeted hosts. Finally, we will discover the bot crashing due to a lack of error checking and the bot being rebuilt shortly after. The talk will have a recorded demonstration of the bot communicating with our C2 and sending attack traffic, also we will show a demonstration of the bot crashing.

Slides Icon
Scroll to Top