Kaspersky Analysts Discover NKAbuse: Multiplatform Malware Leveraging Blockchain Technology

JAKARTA - Kaspersky's Global Emergency Response Team (GERT) and Global Research and Analysis Team (GReAT) discovered NKAbuse, a new multiplatform malware that functions as a flooder and backdoor.

Kaspersky has also identified potential victims of this attack as being in Colombia, Mexico, and Vietnam.

In a backdoor/RAT role, NKAbuse provides an attacker with unauthorized access to a victim's system, allowing the attacker to silently execute commands, steal data, and monitor activity. This feature is very useful for espionage and data smuggling.

Meanwhile, as a flooder, he is able to launch DDoS attacks that damage, overload and disrupt the targeted server or network, thus having a significant impact on organizational operations.

Kaspersky also said the advanced features of this malware include capturing screenshots, managing files, retrieving system and network information, and executing system commands. All collected data is sent to its botmaster via the NKN network, using decentralized communications for confidentiality and efficiency.

“This approach complicates detection and mitigation efforts. "I would like to commend the Kaspersky GERT Team for their extraordinary efforts in identifying this sophisticated threat," said Lisandro Ubiedo, Security Researcher at GReAT Kaspersky in a statement.

The choice of Go as its development system enables cross-platform compatibility, allowing NKAbuse to target a wide range of operating systems and architectures, including Linux desktops and IoT devices.

Additionally, Go's ability to generate standalone binaries simplifies deployment and increases resilience, making NKAbuse a powerful tool against cybersecurity threats.