
More aggressive Chaos ransomware variant discovered


HackRead reports that Windows systems have been targeted by a new version of the highly destructive Chaos ransomware strain dubbed "Chaos-C++," which is the first of its kind to not be based on the .NET programming language.

While Chaos ransomware's older Chaos_2021, Lucky_Gh0$t, and BlackSnake variants have encrypted smaller files and deleted larger ones, Chaos-C++ ransomware, which is spread using the bogus System Optimizer v2.1 tool, skipped files with sizes ranging from 50 MB to 1.3 GB and instantly removed those larger than 1.3 GB for accelerated and irreversible data destruction, an analysis from Fortinet's FortiGuard Labs researchers revealed.

Additional findings showed Chaos-C++ to have been integrated with clipboard hijacking capabilities that enable cryptocurrency exfiltration via the automated swapping of valid Bitcoin addresses with attacker-controlled ones.

Such continued evolution of the Chaos ransomware should prompt increased vigilance against the use of unauthorized software, researchers said.
