NKAbuse: The First NKN-Abusing Malware Threat

NKAbuse: The First NKN-Abusing Malware Threat

Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Reading Time: 3 Minutes
A new form of malware, known as NKAbuse, has emerged as a significant threat to the security of NKN (New Kind of Network) technology. This Go-based multi-platform malware is the first of its kind to exploit NKN for data exchange, posing a stealthy and formidable danger to network systems.
NKN, a decentralized peer-to-peer network protocol utilizing blockchain technology, has been targeted by NKAbuse, which aims to compromise the integrity of the network and its operations. With a focus on optimizing data transmission speed and latency, NKN has attracted a substantial number of participants, with approximately 60,710 nodes currently active within the network.
Moving data through NKN (Kaspersky)


The discovery of NKAbuse was reported by Kaspersky, shedding light on its malicious activities primarily targeting Linux desktops in specific regions such as Mexico, Colombia, and Vietnam. Exploiting an old Apache Struts flaw (CVE-2017-5638), NKAbuse has been observed attacking a financial company, showcasing its potential for widespread damage.

See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses

Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

NKAbuse’s utilization of NKN to launch DDoS attacks poses a significant challenge for security professionals, as the attacks are difficult to trace and unlikely to be detected by conventional security tools.

By leveraging the NKN public blockchain protocol, NKAbuse can carry out flooding attacks and establish a backdoor within Linux systems, enabling it to communicate with a bot master and execute various malicious commands.

The payload commands sent by the C2 include HTTP, TCP, UDP, PING, ICMP, and SSL flood attacks aimed at a specified target.

DDoS attack commands (Kaspersky)

The malware’s capabilities extend beyond DDoS attacks, as it also functions as a remote access trojan (RAT), granting its operators the ability to execute commands, exfiltrate data, and capture screenshots on compromised systems.

Screenshot functionality (Kaspersky)

This versatility and adaptability, combined with the use of blockchain technology to obfuscate the source of attacks, make NKAbuse a highly challenging threat to defend against.

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: info@blackhatethicalhacking.com

Source: bleepingcomputer.com

Source Link

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

The post NKAbuse: The First NKN-Abusing Malware Threat first appeared on Black Hat Ethical Hacking.

About The Author