New Ransomware 'Chaos' Wipes Data, Recovery Nearly Impossible
Security experts are warning about a new threat called Chaos, a ransomware builder that has been under development since June 2021. Four versions have been released so far, the latest in August 2021. Unlike typical ransomware, Chaos behaves more like wiper malware, making recovery nearly impossible.
Chaos handles files in two ways depending on their size. Files smaller than ~2MB are encrypted using AES with a randomly generated key for each file, and the extension *CRYPTEDPAY is appended. Larger files are overwritten with random bytes in Base-64 format, rendering them unrecoverable. Additionally, Chaos deletes shadow copies and the backup catalog, and disables Windows recovery mode to prevent any chance of data restoration.
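For incident triage, the following added example (not code from Qualys or from the original article) sorts files on an affected volume into the two cases described above, so responders can see which files were encrypted and which were overwritten. The 2 MiB cut-off, the 64 KiB sample size, the 7.5 bits/byte entropy threshold and the absence of line breaks in the overwritten data are assumptions of this example; the article gives only "~2MB" and "Base-64".

```python
import base64
import binascii
import math
import os
from collections import Counter

SIZE_THRESHOLD = 2 * 1024 * 1024  # assumption: the article only says "~2MB"
EXTENSION = "CRYPTEDPAY"          # extension named in the article
SAMPLE = 64 * 1024                # assumption: bytes sampled from the file start

def entropy(data):
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_like_random_base64(sample):
    """True if the sample is strict Base64 that decodes to near-random bytes."""
    sample = sample[: len(sample) - len(sample) % 4]  # keep whole 4-char groups
    if not sample:
        return False
    try:
        decoded = base64.b64decode(sample, validate=True)
    except (binascii.Error, ValueError):
        return False  # characters outside the Base64 alphabet: ordinary file
    return entropy(decoded) > 7.5  # assumed threshold for "random" content

def classify(path):
    """Return 'overwritten', 'encrypted' or 'unclassified' for one file."""
    if os.path.getsize(path) > SIZE_THRESHOLD:
        with open(path, "rb") as fh:
            if looks_like_random_base64(fh.read(SAMPLE)):
                return "overwritten"  # wiped case: no key can restore it
    if path.upper().endswith(EXTENSION):
        return "encrypted"            # small-file case: AES, per-file key
    return "unclassified"

def triage(root):
    """Walk a directory tree and group file paths by classification."""
    result = {"overwritten": [], "encrypted": [], "unclassified": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                result[classify(full)].append(full)
            except OSError:
                result["unclassified"].append(full)  # unreadable: review by hand
    return result
```

Run it against a read-only mount or forensic image rather than the live system. Files reported as overwritten are the ones to prioritise for restoration from offline backups.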
The Qualys Research Team has observed a new version of Chaos in development, suggesting that its creators are actively working to improve its capabilities. Security professionals are urged to take precautions to protect their organizations from such destructive attackers. It is expected that Chaos may soon be offered in underground markets on the Dark Web.
Chaos is an evolving threat that security professionals must take seriously. Its unique approach of overwriting larger files and deleting backups makes recovery extremely challenging. As it continues to develop, organizations should implement robust security measures to protect their data and be prepared for potential attacks.