A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks.

This Go-based malware can also infect various architectures, including x86, x86-64, AMD64, MIPS, MIPS64, ARMv5-ARMv8, AArch64, and PowerPC, used by a wide range of devices from small office/home office routers to enterprise servers.

Even though it mainly propagates by attacking devices unpatched against various security vulnerabilities and by SSH brute-forcing, Chaos will also use stolen SSH keys to hijack more devices. It also backdoors hijacked devices by establishing a reverse shell that will allow the attackers to reconnect at any time for further exploitation.

While analyzing around 100 samples discovered in the wild, security researchers Danny Adamitis, Steve Rudd, and Stephanie Walkenshaw at Lumen's Black Lotus Labs found that Chaos is written in Chinese and uses China-based command-and-control (C2) infrastructure. They also found that the botnet is targeting an extensive array of industries and has expanded exponentially since it was first spotted in April.