September 30th: Cross-platform Chaos malware +++ Patch of the week

Cross-platform Chaos malware

A new Botnet is taking hold of Windows and Linux devices alike, using them to start DDoS (Distributed Denial of Service) attacks. Chaos, a Go-based malware, can infect various architectures like x86, AMD64, ARMv5 and many more. With such a wide spectrum, it does not just target high value devices, it also targets smaller ones. The malware mainly focuses on unpatched devices, but also tries to hijack other devices with brute forcing or stolen SSH keys. After infecting one, it creates a backdoor for itself to be able to communicate with their C2-Server (Command and Control).

Researchers from the Black Lotus Labs were able to identify targets of the Chaos clusters. They cover a broad range targeting gaming to financial services, media and entertainment industry as well as their competitors, DDoS-as-a-service providers.

Interested in knowing more about Chaos? Here three interesting sources:

Patch of the week

WhatsApp has fixed two remote code execution vulnerabilities for WhatsApp for Android and its Business version prior to v2.22.16.12 and WhatsApp for iOS and its Business prior to v2.22.16.12.

  • The first vulnerability CVE-2022-36934 (CVS 9,8) allowed the attackers to achieve remote code execution during a video call.
  • The second vulnerability CVE-2022-27492 (CVS 7,8) caused remote code execution when receiving a crafted video file.

For more insights on this patch, check the information by WhatsApp’s security advisory or the news by Malwarebytes.

Is cybersecurity a topic of interest for your company? As an independent entity with a portfolio of proven security providers, CyberCompare can provide you with comparative offers at no charge and with no obligation. Reach out to us or use our diagnostic to learn more about your cyber risk profile.

Please remember: this article is based our knowledge at the time it was written – but we learn more every day. Do you think important points are missing or do you see the topic from a different perspective? We would be happy to discuss current developments in greater detail with you and your company’s other experts and welcome your feedback and thoughts.

And one more thing: the fact that an article mentions (or does not mention) a provider does not represent a recommendation from CyberCompare. Recommendations always depend on the customer’s individual situation.

Simeon Mussler

We are happy to help you personally with the specification of your cybersecurity requirements:

+44 1895 838 918

Reach out now