• Home
  • Advertising
    • Why Advertise
    • Create Your Campaign
  • About
    • About Security on Screen
    • Privacy Policy
  • Webinars
  • Social Wall
  • Contact Us
Thursday, June 30, 2022
No Result
View All Result
  • Login
  • Register

No products in the basket.

Submit News
Submit video
  • Create Your Campaign
  • Product Groups
    • Access Control
    • Biometrics
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Cyber-Security
  • Industry sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
  • Create Your Campaign
  • Product Groups
    • Access Control
    • Biometrics
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Cyber-Security
  • Industry sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
No Result
View All Result
No Result
View All Result

Newly discovered ‘Chaes’ malware targeting e-commerce customers

by James Ling
18/11/2020
in Business News, Cyber Security, PRESS RELEASE, Retail

The Cybereason Nocturnus Team has identified an active campaign targeting customers of a larger e-commerce platform with newly identified multi-stage malware that evades antivirus tools dubbed Chaes. The info-stealing malware is designed to harvest sensitive consumer information, including login credentials, credit card numbers and other financial information.

The Nocturnus Team has been tracking threat actors leveraging the previously undetected Chaes malware to primarily target Brazilian customers of the largest e-commerce company in Latin America, MercadoLivre. The researchers noted that the Latin American cybercrime scene has evolved a great deal in recent years, with some of the more notorious malware variants gaining prominence in just the last year, including Grandoreiro, Ursa and Astaroth.

These Latin American operations typically demonstrate some unique features when it comes to the tactics, techniques and procedures employed, as well as how the malware is propagated to infect victims. These trends include the use of .MSI files as an initial way to start the infection chain, the use of Delphi as the preferred language to code the malware, extensive use of LOLBins to execute content, and the downloading of legitimate tools to expand the malware’s capabilities and aid in evasion of antivirus software.

Chaes specifically targets the Brazilian website of e-commerce company MercadoLivre and its payment page MercadoPago to steal its customers’ financial information. The final payload of Chaes is a Node.Js information stealer that exfiltrates data using the node process. Chaes is designed to steal sensitive information from the browser such as login credentials, credit card numbers, and other financial information. It also takes screenshots of the infected machine, hooks and monitors the Chrome web browser to collect user information from infected hosts.

Chaes infections consist of several stages that include use of legitimate software, making it very challenging to detect by traditional antivirus tools. Chaes also executes multiple stages and is written in several programming languages including Javascript, Vbscript, .NET, Delphi and Node.js. It operates using legitimate tools such as Python, Unrar and Node.js, and functional stages consist of several techniques such as use of LoLbins, open source tools, fileless actions and use of legitimate node.js libraries designed to increase the malware’s stealthiness.

“Threat actors put a great deal of time, resources and effort into choosing their targets for criminal operations such as this, and a return on their investment is always top of mind,” said Lior Div, Cybereason co-founder and CEO. “Undoubtedly, the dramatic increase in the volume of online shopping transactions has not escaped their notice, so it’s not surprising to see new and ever-more sophisticated malware variants emerging to take advantage of the current circumstances. Individuals should be vigilant when it comes to cyber hygiene to avoid malware infections in general, and should maintain situational awareness when engaged in online shopping or banking to avoid becoming the victim attackers trying to take advantage of the pandemic and the recent increase in online financial activities.”

www.cybereason.com

Tags: ChaesCybereasonCybersecuritye-commerceretail
ShareTweetShare

Related Posts

OneQode teams with up Corero Network Security to protect customers from malicious DDoS attacks
Cyber Security

OneQode teams with up Corero Network Security to protect customers from malicious DDoS attacks

Seagate and Secure Logiq release recording of surveillance industry storage webinar
PRESS RELEASE

Seagate and Secure Logiq release recording of surveillance industry storage webinar

Euralarm releases revised study on False Fire Alarms in Europe
PRESS RELEASE

Euralarm releases revised study on False Fire Alarms in Europe

KnowBe4 kicks off ransomware awareness month with resource kit
Cyber Security

KnowBe4 kicks off ransomware awareness month with resource kit

Panasas teams up with MLCommons for advanced machine learning
PRESS RELEASE

Panasas teams up with MLCommons for advanced machine learning

Oprema announces June Product of the Month: CORE & PRO Series Cameras
Access Control

Oprema announces June Product of the Month: CORE & PRO Series Cameras

Load More

The Tannery, 3a John Street, Tunbridge Wells,
Kent TN4 9RU
All enquiries: +44 (0)1892 525141

  • Home
  • Advertising
  • About
  • Webinars
  • Social Wall
  • Contact Us
No Result
View All Result
  • Login
  • Sign Up
  • Cart
  • Home
  • Why Advertise
  • Create Your Campaign
  • About Security on Screen
    • Privacy Policy
  • Webinars
  • Social Wall
  • Contact Us
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
  • Product Groups
    • Access Control
    • Biometrics
    • Cyber Security
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Industry Sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities

© 2020 SecurityOnScreen.com

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.