NKAbuse Malware Utilizes NKN Blockchain Technology for Executing DDoS Attacks

A newly identified multi-platform threat named NKAbuse has surfaced, employing a decentralized peer-to-peer network connectivity protocol known as NKN for communication.
Russian cybersecurity firm Kaspersky detailed the malware's capabilities in a report, describing it as a robust implant with both flooder and backdoor functionalities.
NKN, boasting over 62,000 nodes, functions as a software overlay network on the existing Internet, allowing users to share unused bandwidth and earn token rewards through a blockchain layer on top of the TCP/IP stack.
NKAbuse takes advantage of this technology to execute distributed denial-of-service attacks and operate as an implant within compromised systems.
While threat actors commonly exploit emerging communication protocols for command-and-control purposes to elude detection, NKAbuse stands out by leveraging blockchain technology.
The malware is written in the Go programming language and communicates with the bot master over the NKN protocol.
Its primary targets seem to be Linux systems, including IoT devices, particularly in Colombia, Mexico, and Vietnam.
The scale of the attacks remains uncertain, but Kaspersky highlighted an incident involving the exploitation of a six-year-old critical security flaw in Apache Struts to breach an unnamed financial company.
The attack sequence involves the delivery of an initial shell script, responsible for downloading the implant from a remote server after verifying the target host's operating system.
The server hosting the malware supports various CPU architectures, featuring eight different versions of NKAbuse.
Notably, NKAbuse lacks a self-propagation mechanism, requiring delivery through an initial access pathway, such as exploiting security flaws.
The malware employs cron jobs to persist through reboots, checking the user ID and, if it is root, adding itself to the crontab for every reboot.
The malware also incorporates backdoor features that enable it to send periodic heartbeat messages to the bot master, provide system information, capture screenshots, perform file operations, and execute system commands.
Kaspersky emphasizes that NKAbuse is crafted for integration into a botnet but can adapt to functioning as a backdoor on a specific host.
The use of blockchain technology ensures reliability and anonymity, hinting at the potential for the botnet to expand steadily over time without an identifiable central controller.
He expressed a willingness to collaborate with security experts to enhance internet safety.
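
The cron persistence described above (a root crontab entry that runs at every reboot) can be checked for on a host. The following is an added example, not code from the article or from Kaspersky's report; it assumes the entry uses cron's @reboot schedule, and the function name audit_crontab, the path heuristics and the sample crontab are constructed for illustration.

```python
import re
import shlex

# Heuristic (an assumption of this example): boot jobs rarely live here.
WORLD_WRITABLE = ("/tmp/", "/var/tmp/", "/dev/shm/")
ENV_LINE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*\s*=")

def audit_crontab(text, system_format=False):
    """Return (line_no, level, command, reasons) for each @reboot entry.

    system_format=True is for /etc/crontab and /etc/cron.d files, which
    carry a user field between the schedule and the command.
    """
    need = 3 if system_format else 2
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or ENV_LINE.match(line):
            continue
        fields = line.split(None, need - 1)
        if fields[0].lower() != "@reboot" or len(fields) < need:
            continue
        command = fields[-1]
        try:
            tokens = shlex.split(command)
        except ValueError:  # unbalanced quotes: fall back to whitespace split
            tokens = command.split()
        reasons = []
        for path in (t for t in tokens if t.startswith("/")):
            if path.startswith(WORLD_WRITABLE):
                reasons.append(f"world-writable location: {path}")
            if any(p.startswith(".") and p not in (".", "..") for p in path.split("/")):
                reasons.append(f"hidden path component: {path}")
        level = "suspicious" if reasons else "review"
        findings.append((line_no, level, command, reasons))
    return findings

# Constructed sample of a root crontab; none of these paths come from the report.
SAMPLE = """\
PATH=/usr/local/sbin:/usr/bin
0 3 * * * /usr/sbin/logrotate /etc/logrotate.conf
@reboot /usr/local/bin/start-metrics.sh
@reboot /root/.cache/updater/svc >/dev/null 2>&1
@reboot /dev/shm/k
"""

if __name__ == "__main__":
    for finding in audit_crontab(SAMPLE):
        print(finding)
```

On a live host the input would be the output of `crontab -l -u root` or the contents of the files under /etc/cron.d, the latter with system_format=True.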


This Cyber News was published on www.cysecurity.news. Publication date: Mon, 18 Dec 2023 15:43:04 +0000

