May 7, 2024

NKAbuse: The First NKN-Abusing Malware Threat

5 months ago

NKAbuse: The First NKN-Abusing Malware Threat

Post Views: 14

Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Reading Time: 3 Minutes
A new form of malware, known as NKAbuse, has emerged as a significant threat to the security of NKN (New Kind of Network) technology. This Go-based multi-platform malware is the first of its kind to exploit NKN for data exchange, posing a stealthy and formidable danger to network systems.
 
NKN, a decentralized peer-to-peer network protocol utilizing blockchain technology, has been targeted by NKAbuse, which aims to compromise the integrity of the network and its operations. With a focus on optimizing data transmission speed and latency, NKN has attracted a substantial number of participants, with approximately 60,710 nodes currently active within the network.
 
Moving data through NKN (Kaspersky)
 
 

NKAbuse

The discovery of NKAbuse was reported by Kaspersky, shedding light on its malicious activities primarily targeting Linux desktops in specific regions such as Mexico, Colombia, and Vietnam. Exploiting an old Apache Struts flaw (CVE-2017-5638), NKAbuse has been observed attacking a financial company, showcasing its potential for widespread damage.

See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses

Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

NKAbuse’s utilization of NKN to launch DDoS attacks poses a significant challenge for security professionals, as the attacks are difficult to trace and unlikely to be detected by conventional security tools.

By leveraging the NKN public blockchain protocol, NKAbuse can carry out flooding attacks and establish a backdoor within Linux systems, enabling it to communicate with a bot master and execute various malicious commands.

The payload commands sent by the C2 include HTTP, TCP, UDP, PING, ICMP, and SSL flood attacks aimed at a specified target.

DDoS attack commands (Kaspersky)

Trending: Necurs: Uncovering the Sophisticated Botnet

Trending: Recon Tool: ReconSpider

The malware’s capabilities extend beyond DDoS attacks, as it also functions as a remote access trojan (RAT), granting its operators the ability to execute commands, exfiltrate data, and capture screenshots on compromised systems.

Screenshot functionality (Kaspersky)

This versatility and adaptability, combined with the use of blockchain technology to obfuscate the source of attacks, make NKAbuse a highly challenging threat to defend against.

Trending: Kali Linux 2023.4 Release with Cloud ARM64, Raspberry Pi 5 Support, and New Tools

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: info@blackhatethicalhacking.com

Source: bleepingcomputer.com

Source Link

Recent News

Volt Typhoon’s KV-Botnet and the Threat to Global Communications, Attacks on SOHO routers

December 14, 2023

From Crypto Mining to BEC: Microsoft Exposes the Dark Side of OAuth Misuse

December 13, 2023

Counter-Strike 2 Vulnerability Patched After HTML Injection Exploits, Exposing Player’s IP addresses

December 12, 2023

Critical Android 14 and 13 Lock Screen Bug Exposes Google Account Data

December 11, 2023

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

The post NKAbuse: The First NKN-Abusing Malware Threat first appeared on Black Hat Ethical Hacking.

About The Author

See author's posts

More Stories

Database Leak Reveals 2.6 Million Sensitive Documents

9 hours ago admin

Smoke Alarm Data Breach

5 days ago admin

How we built the new Find My Device network with user security and privacy in mind

2 weeks ago admin