CYBER 101

  • Alerts
  • Blog
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Domains
  • FAQ
  • Incidents
  • Tutorials

Join our newsletter

FOLLOW US

  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Events
  • Jobs
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Events
  • Jobs
Get Help
CyberMaterial

CHAES: Novel Malware Targeting Latin American E-Commerce

by Cybereason

1 min read
in Document, Report

The Cybereason Nocturnus Team has been tracking a threat actor leveraging previously undetected malware dubbed “Chaes” to target e-commerce customers in Latin America (LATAM).

Chaes malware, which was first discovered in the middle to late 2020 by Cybereason, is a multistage information stealer that primarily targets Brazil and specifically the Brazilian customers of the largest e-commerce company in Latin America, MercadoLivre. In recent years, the LATAM cybercrime scene has evolved a great deal. Some of the most notorious malwarevariants that have been prominent in the region over the last year include Grandoreiro, Ursa and Astaroth.
LATAM cybercrime activities demonstrate unique features when it comes to TTP’s and how malware is propagated on an infected machine. Some of the shared similarities include:

• Leveraging of .MSI files as an initial way to start the infection chain
• The use of Delphi as the preferred language to write malware
• Extensive use of LOLBins to execute content
• Downloading additional legitimate tools to expand the malware’s capabilities and for obfuscation
When observing the shared behavior and mindset of LATAM-based threat actors, Cybereason researchers
observed that the malware authors emphasize the need to stay under the radar as much as possible, and prefer
to use already-existing tools or legitimate software if it fits their needs.

DOWNLOAD REPORT

Related

Tags: DocumentsEcommerce-reportsmalware-documentsReports
1
VIEWS
ADVERTISEMENT

Related Posts

Cybersecurity: Incident Response Short Student Guide

Cybersecurity: Incident Response Short Student Guide

August 11, 2022
Cyber Security Incident Response Plan

Cyber Security Incident Response Plan

August 11, 2022
Sample Incident Handling Checklist

Sample Incident Handling Checklist

August 11, 2022
Incident Response Cheat Sheet

Incident Response Cheat Sheet

August 11, 2022

More Articles

Alerts

Schneider Electric security advisory

February 25, 2022
Podcast

Recorded Future

February 24, 2021
Documentary

We Are Legion: The Story of the Hacktivists (2012)

October 9, 2020
Incidents

San Francisco 49ers confirm ransomware attack

February 14, 2022

HIPAA Talk

August 9, 2022
Tool

NICE Framework for Cybersecurity

March 7, 2022

Red teamers arrested conducting a penetration test

July 15, 2022
Book

Key Risk Indicator A Complete Guide – 2021 Edition

June 22, 2022
Load More

Security through data

Cybersecurity Domains

  • Application Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • Governance
  • IAM
  • Physical Security
  • More...

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • AR/VR
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • IoT
  • Quantum Computing
  • More...

Frameworks

  • CIS Controls
  • CISA TSS
  • FISMA
  • GDPR
  • ISO 2701/02
  • MITRE ATT&CK
  • NIST
  • NYS-DFS
  • More...

Industries

  • Automation
  • E-Commerce
  • Education
  • Fake News
  • Financial
  • Government
  • Health Care
  • Military
  • More...

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering
  • Vulnerabilities
  • More...

© 2022 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
Search

More...

Generic filters
Filter by Categories
Alerts
Blog
Book
Incidents
Quotes
Tutorials
Certification
Cheat Sheet
Course
Game
Meme
Movie
Paper
Podcast
Report
Software
TV Show

Try these: DDoSGDPRMalware

  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Join our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.