Chaos is a new malware written in the Go language that is capable of evading antimalware. Quickly spreading in Europe, it targets devices running Linux and Microsoft Windows.
There is new malware in town: its name is Chaos. It was discovered by researchers from Black Lotus Labs, a research center connected to Lumen Technologies, an American telecommunications company.
The malware was written in Go, a programming language created by Google in 2009 that makes malware very difficult to track down.
According to experts, the malware could be traced back to Kaiji malware, which has already been around for a couple of years and is mainly used for Distributed Denial of Service (DDoS) attacks. Both were written in the same language.
How Chaos attacks
Chaos can target both Linux and Windows computers. This lets it grow its botnet more quickly, resulting in DDoS attacks.
Furthermore, the malware is very versatile, as it can run on a number of different architectures, such as ARM, Intel (i386), MIPS, and PowerPC. These architectures are typical of routers found in both homes and companies.
Chaos attacks mostly by looking for devices that have not been updated to their latest version and therefore have vulnerabilities.
According to experts, it has also spread through so-called brute-force attacks, which repeatedly try passwords until the right one is guessed, and by exploiting stolen SSH keys.
According to an analysis by TechRepublic, the malware's goal is not espionage but financial gain. The analysis explains that the malware is introduced into computers to take control of them and mine the cryptocurrency Monero for the hackers.
Among the other targets identified by Lumen Technologies are companies in gaming, financial services, media and even cryptocurrency exchanges. Against some of these targets, the malware has carried out DDoS attacks, with the aim of slowing down their connections.
Chaos is a danger for Europe
Researchers from Black Lotus Labs conducted valuable research and found that the malware spread at great speed, especially in Europe.
What these infections have in common is communication with the C2 (command and control) infrastructure, which appears to be located in China.
The map created by Black Lotus Labs, based on data collected between mid-June and mid-July, highlights how European countries were among the favorite victims of the attacks. It is therefore necessary to take measures to stem the threat.
How to defend against Chaos
As the researchers pointed out, the malware relies heavily on vulnerabilities due to missing updates. While it’s not at all easy to defend against fast-expanding malware like this, you need to take some steps, as simple as they are important.
First, update your devices as soon as updates are needed and don't wait. If an update is made available, it is because it is considered important. Always keep a spirit of healthy distrust when surfing the net: threats grow rapidly with the development of new technologies, and it is necessary to remember this.
Buying good antimalware is a wise choice that can pay off in the long run. Finally, it is important to remember to always remain calm.
When you realize you have been attacked by malware, it is essential to stay in control, because losing it is what gives hackers an advantage. In such cases, the best choice is to carefully examine the situation and contact the relevant authorities, such as the Postal Police.