Chaes Infostealer Code Contains Hidden Threat Hunter Love Notes

Published: 23/11/2024   Category: security




Analysis of version 4.1 of the infostealer malware reveals hidden ASCII art and a shout-out thanking cybersecurity researchers.



Appearing flattered by the dogged analysis of Chaes malware over the years, the infostealer's developer dropped secret messages in the latest version of the code praising threat hunters' efforts and thanking them for the interest.
Analysis of infostealer Chaes 4.1 in debug mode reveals a number of intricate ASCII art pieces hidden within the code, according to Morphisec malware researcher Arnold Osipov, who also received a special shout-out message from the malware developers, also hidden within the infostealer malware code.
"We spend several hours of our lives trying to write code that is worth being analysed by such talented researchers like yourself," the message from the Chaes developers, addressed specifically to Osipov, read. "We sincerely hope our efforts meet your expectations."
The code also contains a mention that the Chaes team was discovered by Cybereason three years ago. "We are still a bae," they wrote.
The current Chaes campaign being tracked by Osipov uses a Portuguese-language email, purportedly from an attorney about an urgent legal matter. If the user clicks the malicious link, they are taken to a spoofed website for TotalAV and asked to enter their password to download a document, which then serves up the MSI installer, Morphisec's new report explained. The latest version of the Chaes framework included some improvements, notably in the Chronod module, which intercepts victim browser activity, the research found.
"The threat actor has a history of expressing appreciation to security researchers for helping in the improvement of their software," the report added. "However, this is the first time such gratitude has been expressed directly within the code."
