Chaos is a malware capable of taking control of entire networks of devices, raising a veritable cyber army. It uses that army to launch DDoS attacks and paralyze the Internet.
The least we can say is that the Chaos malware lives up to its name! Discovered by researchers at Black Lotus Labs, a service of Lumen Technologies, it turns out to be particularly vicious and sows discord on the Internet. The malware is capable of taking control of millions of devices, from Windows and Linux PCs to routers and corporate servers, in order to launch DDoS attacks, which can create global Internet blackouts. Hackers start by infecting a device with the virus without the user noticing, usually through a booby-trapped link, app or file, in order to take control of it. Once a large number of systems are under its command (there may be millions), it creates what is called a botnet. In short, the attackers find themselves with an army of zombie devices that are totally at their command. The whole botnet then coordinates to launch DDoS (Distributed Denial of Service) attacks against one or more IP addresses. Needless to say, it wreaks havoc.
Chaos: a malware that sows disorder in Europe
The problem with a DDoS attack is that the victimized platform quickly finds itself overwhelmed by the number of incoming connections, to the point of sometimes being offline for several days. Twitter and Amazon have already suffered this kind of attack. If the attack grows even larger, it can cause slowdowns or even shutdowns of the Internet on a global scale. To give an example, it's like a car heading towards a city centre: traffic flows normally. But if all the cars in the city head towards the city centre at once, the road is completely blocked by traffic jams and nothing moves forward: the city centre becomes inaccessible.
As Chaos is able to target Windows and Linux PCs as well as routers and corporate servers, it can spread quickly to a very large number of devices, which makes it all the more dangerous. But that's not the only danger, as Black Lotus Labs researchers point out: “Chaos features include the ability to enumerate the host’s system environment, execute shell commands remotely, load add-ons, self-propagate, and brute-force SSH private keys, in addition to being able to launch DDoS attacks”. In short, infected devices infect other devices, but can also read and write system data, bypass authentication data, send spam, and even contain other malware. Additionally, Chaos is written in Go, a programming language that hides the virus's activity from antivirus software and other system security tools.
Chaos has been very active in Europe lately, especially in France and Italy. Other infections have also been observed in China and the United States. The identity of the cybercriminals is not yet known, but the first clues point to a group communicating in Mandarin. To avoid being among the victims, it is essential to be equipped with an antivirus, to carry out regular security updates and to restart your router from time to time. And, of course, not to click on suspicious links or download anything!