New ‘NKAbuse’ Linux Malware Uses Blockchain Technology to Spread

Kaspersky’s Global Emergency Response Team identified a new multiplatform malware threat, named NKAbuse, which is targeting devices in Mexico, Colombia, and Vietnam. Using a blockchain-powered peer-to-peer network protocol, it operates as a Go-based backdoor botnet on Linux desktops and potentially IoT devices, launching DDoS attacks and remote access trojans. The protocol allows for malicious data exchange across over 60k active nodes, which potentially supports flooding attacks. The malware exploited an old Apache Struts 2 vulnerability.