Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office routers, and enterprise servers into its botnet.
"Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through stealing and brute-forcing SSH private keys, as well as launch DDoS attacks," researchers from Lumen's Black Lotus Labs said in a write-up shared with The Hacker News.
Written in Chinese and using China-based infrastructure for command-and-control, the botnet joins a long list of malware designed to establish persistence for extended periods and then abuse that foothold for nefarious purposes, such as DDoS attacks and cryptocurrency mining.
What's more, the malware has a versatility that similar malware lacks: it can operate across a wide range of instruction set architectures, including ARM, Intel, MIPS, and PowerPC, which effectively lets the threat actor broaden the scope of its targets and grow the botnet quickly.
Chaos is also believed to be an evolution of another Go-based DDoS malware named Kaiji that has previously targeted misconfigured Docker instances.
"We are seeing a complex malware that has quadrupled in size in just two months, and it is well-positioned to continue accelerating," said Mark Dehus, director of threat intelligence for Lumen Black Lotus Labs.
News URL
https://thehackernews.com/2022/09/researchers-warn-of-new-go-based.html