A new one is causing some concern malwarebaptized NKAbusewhich is abusing the technology NKN (New Kind of Network). NKN is a decentralized peer-to-peer network protocol that leverages technology blockchain.
As reported by the site Bleepingcomputer.comthe malware in question is made in the programming language Go and exploits the nature of NKN for its own malicious purposes.
NKN, by its very nature, improves latency and data transmission speed, optimizing the travel paths of data packets. In fact, on a pure structure level this network may resemble the much better known one Tor. As it stands, NKN counts for just over 60.700 noted.
As reported by Kasperskyalthough the malware is multiplatform, it seems to prefer the environment Linux. In this sense, the majority of attacks have so far been recorded in Latin America and Vietnam.
NKAbuse can be used for DDoS attacks but also as a RAT
NKAbuse works by exploiting an exploit of Apache Strutsthen using NKN to launch DDoS attacks through it.
The abuse of blockchain technology, in this sense, makes the threat even more fearsome, obscuring the work of the malware and making the work of those involved in cybersecurity even more challenging.
The malware in question, however, is not limited to this type of campaign. If necessary, cybercriminals can also exploit it as remote access trojan (RAT), exploiting compromised devices with actions such as data exfiltration and screenshot taking.
In this sense, therefore, both for Linux users and for device owners IoT and operating systems with architectures MIPS, ARM e 386, maximum caution is advised. Keeping your operating system and firmware updated can be crucial to avoiding encounters with NKAbuse or similar malware.