Chaos ransomware attacks Minecraft players

FortiGuard experts report that Chaos ransomware attacks Windows devices and spreads under the guise of an alt list for Minecraft players on gaming forums. So far, these attacks are mainly directed against users in Japan.

The decoy used by the attackers is alt list text files, which supposedly contain credentials for Minecraft accounts (including stolen ones), but in reality only Chaos malware can be downloaded this way.

Minecraft Alt List

Researchers note that Minecraft players sometimes use alt lists when they want to troll or taunt other players (without risking being banned). Accounts from the alt list are often used for suchcrimes”, and you can usually find such lists, Ví dụ, on paste-sites. Ngoài ra, due to the popularity of such lists, they are often distributed free of charge or created through automatic account generators.

Gamers create “alt” (alternative) accounts within Minecraft for various purposes (both good and bad): they allow them to antagonize/troll other players without having their main account banned, they provide cover for an alternative in-game identity/personality, they help avoid getting their main account banned for using cheats (gaining an unfair advantage over other gamers), vân vân.experts FortiGuard tell.

After encrypting the victim’s files, Chaos adds four random characters or numbers as an extension to the encrypted files. For decrypting the data, the ransomware demands a ransom in the amount of 2000 yen (about $ 17.56), and the money must be provided in the form of prepaid cards. Experts warn that Chaos is configured to search infected systems for files of various types, less than 2 MB in size. If the file size exceeds 2 MB, then random bytes will be inserted into the files, which will make them unrecoverable, even the victim will pay the ransom to the hackers. It is unclear whether the creators of Chaos deliberately incorporated such functionality into their ransomware in an effort to permanently damage the files of victims, or it was a mistake.

It is interesting to note that the Chaos malware was originally classified as a wiper malware with the ransomware component added later.FortiGuard told.

Let me also remind you that we talked about the fact that Grief ransomware threatens to destroy victimsdata if they turn to negotiators.

Helga Smith

Tôi luôn quan tâm đến khoa học máy tính, đặc biệt là bảo mật dữ liệu và chủ đề, được gọi là ngày nay "khoa học dữ liệu", kể từ khi tôi còn ở tuổi thiếu niên. Trước khi vào nhóm Diệt Virus với vai trò Tổng biên tập, Tôi đã làm việc với tư cách là chuyên gia an ninh mạng tại một số công ty, bao gồm một trong những nhà thầu của Amazon. Một trải nghiệm khác: Tôi đã nhận được đang giảng dạy tại các trường đại học Arden và Reading.

Gửi phản hồi

Website này sử dụng Akismet để hạn chế spam. Tìm hiểu bình luận của bạn được duyệt như thế nào.

Nút quay lại đầu trang