NKAbuse: The First NKN-Abusing Malware Threat

Dec 15, 2023 | News

A new form of malware, known as NKAbuse, has emerged as a significant threat to the security of NKN (New Kind of Network) technology. This Go-based multi-platform malware is the first of its kind to exploit NKN for data exchange, posing a stealthy and formidable danger to network systems.
 
NKN, a decentralized peer-to-peer network protocol utilizing blockchain technology, has been targeted by NKAbuse, which aims to compromise the integrity of the network and its operations. With a focus on optimizing data transmission speed and latency, NKN has attracted a substantial number of participants, with approximately 60,710 nodes currently active within the network.
 
Figure: Moving data through NKN (Kaspersky)
 
 

NKAbuse

The discovery of NKAbuse was reported by Kaspersky, shedding light on its malicious activities primarily targeting Linux desktops in specific regions such as Mexico, Colombia, and Vietnam. Exploiting an old Apache Struts flaw (CVE-2017-5638), NKAbuse has been observed attacking a financial company, showcasing its potential for widespread damage.


NKAbuse’s utilization of NKN to launch DDoS attacks poses a significant challenge for security professionals, as the attacks are difficult to trace and unlikely to be detected by conventional security tools.

By leveraging the NKN public blockchain protocol, NKAbuse can carry out flooding attacks and establish a backdoor within Linux systems, enabling it to communicate with a bot master and execute various malicious commands.

The payload commands sent by the C2 include HTTP, TCP, UDP, PING, ICMP, and SSL flood attacks aimed at a specified target.

Figure: DDoS attack commands (Kaspersky)




The malware’s capabilities extend beyond DDoS attacks, as it also functions as a remote access trojan (RAT), granting its operators the ability to execute commands, exfiltrate data, and capture screenshots on compromised systems.

Figure: Screenshot functionality (Kaspersky)

This versatility and adaptability, combined with the use of blockchain technology to obfuscate the source of attacks, make NKAbuse a highly challenging threat to defend against.


Source: bleepingcomputer.com
