
Chae$ 4: The Evolution of a Cyberthreat

The Chaes malware family has grown into the much more dangerous Chae$ 4.
Sep 11th, 2023 12:03pm by
Feature Image by Peter Stanic from Pixabay.

Chae$ 4 isn’t your run-of-the-mill Chaes malware variant. Earlier versions of Chaes stole information, primarily login credentials, from browsers. They could also capture screens, monitor browsers, and perform reconnaissance. Annoying, but nothing to write home about. Now, the endpoint security company Morphisec has discovered a new and advanced variant, Chae$ 4. This variant primarily targets the logistics and financial sectors, which means business.

The primary targets have been prominent platforms and banks, including Mercado Libre, Mercado Pago, WhatsApp Web, Itau Bank, Caixa Bank, and MetaMask. Additionally, many content management system (CMS) services, such as WordPress, Joomla, Drupal, and Magento, have also been compromised.

Along with targeting FinOps companies, Chaes has undergone significant revamps, from a complete rewrite in Python, which led to decreased detection rates by traditional defense systems, to a full redesign with an enhanced communication protocol. The malware now also features a range of new modules that amplify its malicious capabilities.

Specifically, it now boasts:

  • Enhanced code architecture and modularity.
  • Increased encryption and stealth capabilities.
  • Shift to Python for decryption and dynamic in-memory execution.
  • Replacement of Puppeteer with a custom approach for monitoring Chromium browsers.
  • Expanded target services for credential theft.
  • Use of WebSockets for communication between modules and the C2 server.
  • Implementation of domain generation algorithm (DGA) for dynamic C2 server address resolution.

The infection starts with a deceptive MSI Windows installer, typically masquerading as a Java JDE installer or antivirus software. Once executed, the malware deploys and downloads its required files, activating the core module, ChaesCore. This module sets persistence and migrates into targeted processes, subsequently starting its malicious activities.

During the investigation, Morphisec identified seven distinct modules, each with its unique functionalities. Notably, the threat actor displays a pronounced interest in cryptocurrency, evident from the clipper’s usage to steal BTC and ETH and the module that pilfers MetaMask crypto wallet credentials.

If you want to know more, check out Morphisec’s in-depth technical analysis of Chae$ 4. Stay informed, stay safe.
