Updated on 2022-09-30
Researchers from Lumen’s Black Lotus Labs “recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux.” Dubbed Chaos, the malware uses infected devices for cryptomining and launching distributed denial-of-service (DDoS) attacks.
Note
- While Chaos appears to have roots in the Kaiji malware, it is considerably more advanced. It spreads by exploiting vulnerabilities in both the OS (Windows/Linux) and SOHO routers, so keep those patched. Ensure you have effective EDR in place and change default passwords.
Read more in
- Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules
- New Chaos malware infects Windows, Linux devices for DDoS attacks
- Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
- Chaos IoT malware taps Go language to harvest Windows, Linux for DDoS attacks
Updated on 2022-09-29
Lumen’s Black Lotus Labs said they identified a new Go-based malware strain named Chaos that has spent the past few months infecting Windows and Linux servers worldwide, including many SOHO routers. According to current evidence, the main purpose of this new malware appears to be to mine cryptocurrency for its operator(s) and to launch DDoS attacks. Read more: Chaos Is A Go-Based Swiss Army Knife Of Malware
Overview
A never-before-seen cross-platform malware, dubbed Chaos, was found infecting a broad array of Windows and Linux devices. As of now, the malware uses 111 staging servers to infect devices. Read more: Never-before-seen malware has infected hundreds of Linux and Windows devices