Chaes malware strikes customers of Latin America’s largest e-commerce platform

silversurfer

Previously unknown malware has been detected in widespread attacks against e-commerce customers in Latin America.

The malware, dubbed Chaes by Cybereason Nocturnus researchers, is being deployed by a threat actor across the LATAM region to steal financial information.

In a blog post on Wednesday, the cybersecurity team said Brazilian customers of the area's largest e-commerce company, MercadoLivre, are the focus of the infostealing malware.

Headquartered in Buenos Aires, Argentina, MercadoLivre operates both an online marketplace and auctions platform. In 2019, an estimated 320.6 million users were registered with the e-commerce giant.

First detected in late 2020 by Cybereason, Chaes is spread via phishing campaigns, in which emails claim that a MercadoLivre purchase has been successful. To try and increase the email's look of legitimacy, the threat actors also appended a "scanned by Avast" footnote.

The messages contain a malicious .docx file attachment. Assaf Dahan, Cybereason Head of Threat Research, told ZDNet the attachment leverages "a template injection technique, using Microsoft Word's built-in feature to fetch a payload from a remote server." [...]
 

Andy Ful

No problem if scripting is restricted/blocked:

[Attached image: 1605735718032.png]
 
