Cybersecurity researchers uncovered ChaosBot, a new Rust-based backdoor that leverages Discord for command-and-control and exploits compromised credentials to infiltrate networks. Additionally, a new Chaos ransomware variant introduces destructive capabilities and clipboard hijacking techniques for financial theft. #ChaosBot #ChaosRansomware
Keypoints
- ChaosBot is a Rust-based backdoor that enables reconnaissance and remote command execution on infected hosts.
- The malware uses Discord profiles for command-and-control, with alternative distribution through phishing and malicious LNK files.
- Attackers exploited compromised VPN and Active Directory credentials to deploy ChaosBot within a financial institution's network.
- The Chaos-C++ ransomware combines destructive file deletion, file encryption, and clipboard hijacking to maximize financial impact.
- New evasion techniques include patching system functions and checking VM MAC addresses to bypass detection.
Read More: https://thehackernews.com/2025/10/new-rust-based-malware-chaosbot-hijacks.html