The presence of this alert does necessarily mean you have been hacked. It falls into a gray area of network security.
Printers, NAS drives, or smart home devices often scan the network to discover other hardware. scan.generic.portscan.udp kaspersky
Kaspersky treats UDP port scans differently than TCP scans because UDP is "connectionless." In a TCP scan, the scanner sends a SYN packet, and if a port is open, it receives a SYN-ACK. It is a handshake. The presence of this alert does necessarily mean
: Detects "footprinting," where attackers probe ports to find active services or vulnerabilities. the scanner sends a SYN packet
The alert blinked on Kaspersky’s central console: – source: workstation 14-B, time: 03:14 AM.
While the word "attack" sounds scary, many Kaspersky detections for UDP port scans are or non-malicious network behavior.