"'Chaes' Infostealer Code Contains Hidden Threat Hunter Love Notes"
"'Chaes' Infostealer Code Contains Hidden Threat Hunter Love Notes"
An analysis of Chaes version 4.1 reveals hidden ASCII art and a message to cybersecurity researchers, thanking them for their interest in the malware. The current Chaes campaign uses a Portuguese-language email regarding an important legal matter. If the user clicks the malicious link in the email, they are taken to a spoofed TotalAV website, where they are asked to enter their password to download a document. This article continues to discuss findings from the analysis of Chaes 4.1.