Chaes

Malware Profile Updated 13 days ago
Download STIX
Preview STIX
The Chaes malware, a harmful program designed to exploit and damage computer systems, first emerged in November 2020. It primarily targeted e-commerce customers in Latin America, with a particular focus on Brazil. The malware can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom. The threat actors behind this operation, known as Lucifer, had successfully breached more than 800 WordPress websites by early 2022 to deliver Chaes to users of various financial platforms. Morphisec, a leading cybersecurity firm, recently discovered a new and more advanced variant of the Chaes malware, dubbed Chae$4. This version is targeting customers of financial and logistics companies in Latin America. Notable improvements in the latest Chaes framework include advancements in the "Chronod" module, which intercepts victim browser activity. The current campaign uses a Portuguese-language email, seemingly from an attorney about an urgent legal matter, to trick victims into downloading the malware. Interestingly, the developers of the Chaes malware have been hiding intricate ASCII art pieces and messages within the code, according to Arnold Osipov, a malware researcher at Morphisec. These hidden elements praise threat hunter efforts and thank them for their interest, indicating that the developers are aware of the attention their creation has attracted. In fact, one message even acknowledges that the Chaes team was discovered by Cybereason three years ago, demonstrating a level of engagement with the cybersecurity community.
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
Chaes MalwareUnspecified
2
The Chaes malware, a malicious software designed to exploit and damage computer systems, first emerged in November 2020. Initial research was conducted by Cybereason, revealing that the malware primarily targeted e-commerce customers in Latin America, particularly Brazil. This harmful program infilt
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Chaes Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
8 months ago
Chae$ 4: New Chaes Malware Variant Targeting Financial and Logistics Customers
DARKReading
4 months ago
'Chaes' Infostealer Code Contains Hidden Threat Hunter Love Notes
CERT-EU
8 months ago
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
CERT-EU
8 months ago
Morphisec Recognized in the Gartner® Hype Cycle™ Report for Endpoint Security, 2023
CERT-EU
8 months ago
New Chae$4 Malware Steals Login, Financial Data from Businesses
CERT-EU
8 months ago
New Chae$4 Malware Steals Login, Financial Data from Businesses | IT Security News