Security News > 2022 > September > Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office routers, and enterprise servers into its botnet.
"Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through stealing and brute-forcing SSH private keys, as well as launch DDoS attacks," researchers from Lumen's Black Lotus Labs said in a write-up shared with The Hacker News.
Written in Chinese and leveraging China-based infrastructure for command-and-control, the botnet joins a long list of malware that are designed to establish persistence for extended periods and likely abuse the foothold for nefarious purposes, such as DDoS attacks and cryptocurrency mining.
What's more, the malware has versatility that similar malware does not, enabling it to operate across a wide range of instruction set architectures from ARM, Intel, MIPS, and PowerPC, effectively allowing the threat actor to broaden the scope of its targets and swiftly accrue in volume.
Chaos is also believed to be an evolution of another Go-based DDoS malware named Kaiji that has previously targeted misconfigured Docker instances.
"We are seeing a complex malware that has quadrupled in size in just two months, and it is well-positioned to continue accelerating," said Mark Dehus, director of threat intelligence for Lumen Black Lotus Labs.
News URL
https://thehackernews.com/2022/09/researchers-warn-of-new-go-based.html
Related news
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- Researchers discover first UEFI bootkit malware for Linux (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- New SteelFox malware hijacks Windows PCs using vulnerable driver (source)
- Researchers unearth two previously unknown Linux backdoors (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections (source)
- Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels (source)
- ESET researchers analyze first UEFI bootkit for Linux systems (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)