Threat actors target Linux systems due to their prevalence in server environments, and cron jobs offer a discreet means of maintaining unauthorized access over an extended period.
Infiltrating via implant upload, it establishes persistence through a cron job in the home folder, featuring:-.
NKN is a decentralized protocol prioritizing privacy, with more than 60,000 nodes.
Featuring diverse routing algorithms, it optimizes data transmission.
Malware exploits like theuse of NKN's blockchain protocol enable flooding attacks and Linux system backdoors.
GERT finds evidence indicating a Struts2 exploit in an attack on a financial firm.
The malware supports eight architectures, and here below, we have mentioned them:-.
Malware NKAbuse, when executed, relocates to /root/.
It employs NKN protocol for communication, creating an account, and multiclient for concurrent data exchange.
According to researchers, NKAbuse is not just a DDoS tool but also a highly capable backdoor/RAT that offers various features for maintaining persistence, executing commands, and gathering sensitive information.
Its ability to operate as a backdoor and remotely control infected systems makes it a serious threat to cybersecurity.
NKAbuse is a unique cross-platform threat that stands out for its use of uncommon communication protocols.
Crafted for botnet integration, it doubles as a host-specific backdoor.
This Cyber News was published on gbhackers.com. Publication date: Mon, 18 Dec 2023 03:43:04 +0000