Security News Unveiling NKAbuse: a new multiplatform threat

vtqhtr413

vtqhtr413

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 17, 2017
1,494
Content source
https://securelist.com/unveiling-nkabuse/111512/
During an incident response performed by Kaspersky’s Global Emergency Response Team (GERT) and GReAT, we uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities. Written in Go, it is flexible enough to generate binaries compatible with various architectures.

Our analysis suggests that the primary target of NKAbuse is Linux desktops. However, in view of its ability to infect MISP and ARM systems, it also poses a threat to IoT devices.

NKAbuse infiltrates systems by uploading an implant to the victim host. The malware establishes persistence through a crorn job and installs itself in the host’s home folder. Its capabilities span flooding to backdoor access to remote administration (RAT), offering a range of features.

A new kind of network​

NKN, short for “New Kind of Network”, functions as a peer-to-peer (P2P) and blockchain-oriented network protocol that prioritizes decentralization and privacy. The NKN network currently has more than 60,000 official nodes. It offers diverse routing algorithms designed to optimize data transmission by selecting the shortest node trajectory to reach its intended destination.
Click to expand...
securelist.com

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers and equipped with both flooder and backdoor capabilities.
securelist.com securelist.com

Alternate source
www.bleepingcomputer.com

New NKAbuse malware abuses NKN blockchain for stealthy comms

A new Go-based multi-platform malware identified as 'NKAbuse' is the first malware abusing NKN (New Kind of Network) technology for data exchange, making it a stealthy threat.
www.bleepingcomputer.com www.bleepingcomputer.com
 
Last edited:
  • Like
  • +Reputation
Reactions: simmerskool, Zartarra, [correlate] and 5 others

Similar threads

Lymphocyte
    • Like
    • +Reputation
Malware News SpectralBlur: New macOS Backdoor Threat from North Korean Hackers
Replies
1
Views
1,221
Security News
MuzzMelbourne
MuzzMelbourne
[correlate]
    • Like
    • +Reputation
Security News TinyTurla Next Generation - Turla APT spies on Polish NGOs
Replies
1
Views
1,602
Security News
vtqhtr413
vtqhtr413
vtqhtr413
    • Like
    • +Reputation
Security News Threat actors use Tycoon 2FA kits to target MS 365 and Gmail accounts
Replies
3
Views
1,075
Security News
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top