Malware, Threat Intelligence

Novel Chae$ malware variant ups stealth

The latest variant of the Chaes malware, identified as "Chae$ 4.1," adds significant enhancements to bolster stealth, Hackread reports. Aside from an updated Chronod module with increased modularity, Chae$ 4.1 also features sophisticated code polymorphism to facilitate the identification of sandbox environments and evasion of antivirus systems, a report from Morphisec revealed. Morphisec researchers also noted that the new Chaes variant included a message in its source code addressed to them, following their report detailing the payload's predecessor in September. Attacks with Chae$ 4.1 were noted to commence with a Portuguese-language email purporting to be an urgent legal request from a lawyer, which includes a link redirecting to a malicious website that prompts the download of a ZIP file and enables the distribution of the MSI installer, according to the report. Threat actors have also performed machine risk scanning through another website to facilitate background execution of JavaScript and the eventual deployment of the Chae$ installer.
