
Threat actors have unveiled a new all-in-one cybercrime solution that is said to benefit both sophisticated and low-level attackers. The new malware-as-a-service, dubbed ‘Eternity Project,’ may be configured with different modules depending on the type of attack being carried out.
Update:
The Eternity Project, discovered by Cyble Research Labs, is being actively marketed on a Tor website and a Telegram channel.
- The cybercrime marketplace sells a range of malware. An information stealer, a currency miner, a clipper, ransomware, a worm, and a DDoS-based bot are among them.
- Threat actors behind the new malware toolkit are promoting the features and malicious operations via extensive videos on Telegram.
- They’re distributing new updates, indicating that threat actors are actively improving malware-as-a-service capabilities.
- Surprisingly, even an amateur who wants to launch an attack can use this modular kit to build malware.
Tools in detail
- The info-stealer, sold for $260 per year, can steal passwords, credit cards, bookmarks, tokens, cookies, and autofill data from over 20 web browsers.
- It can also steal data from bitcoin extensions and even cold wallets. Password managers, VPN clients, messengers, and gaming clients are also targets.
- The miner module is available for $90 per year and includes Monero mining, task manager concealment, and startup launch persistence.
- The clipper malware costs $110 a year and is capable of scanning an infected machine’s clipboard for cryptocurrency wallet addresses and substituting them with threat actors’ crypto-wallet addresses.
- The Eternity Worm costs $390 and can propagate on its own using USB drives, local network shares, local files, cloud drives, Python projects, Discord accounts, and Telegram accounts.
- The Eternity ransomware module is the most expensive, costing $490. It targets documents, images, and databases and offers offline encryption using a mix of AES and RSA.
- The DDoS bot software is still being developed.
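A defensive sketch of the clipper behaviour described above, added here as an example and not taken from the Cyble or Cyware reports: it scans clipboard-change telemetry for a wallet address that is overwritten within seconds by a different address of the same format from another process. The event format, process names, addresses and the two-second window are constructed assumptions.

```python
import re
from dataclasses import dataclass

# Address shapes only (no checksum validation); enough to spot a like-for-like swap.
ADDRESS_PATTERNS = {
    "btc_legacy": re.compile(r"[13][a-km-zA-HJ-NP-Z1-9]{25,34}"),
    "btc_bech32": re.compile(r"bc1[ac-hj-np-z02-9]{39,59}"),
    "eth": re.compile(r"0x[a-fA-F0-9]{40}"),
}

@dataclass
class ClipEvent:
    ts: float     # seconds since start of capture
    writer: str   # process that set the clipboard (hypothetical telemetry field)
    content: str

def address_kind(text):
    text = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(text):   # whole clipboard must be one address
            return kind
    return None

def find_swaps(events, window=2.0):
    """Flag an address replaced within `window` s by another of the same family from another process."""
    alerts, prev = [], None
    for ev in sorted(events, key=lambda e: e.ts):
        kind = address_kind(ev.content)
        if (prev is not None and kind is not None
                and address_kind(prev.content) == kind
                and ev.content.strip() != prev.content.strip()
                and ev.writer != prev.writer and ev.ts - prev.ts <= window):
            alerts.append((prev, ev))
        prev = ev
    return alerts

# Constructed sample data: addresses and process names are made up.
ETH_A, ETH_B = "0x" + "a1" * 20, "0x" + "b2" * 20
BTC_A, BTC_B = "1" + "B" * 30, "1" + "C" * 30
SAMPLE = [
    ClipEvent(10.0, "browser.exe", ETH_A),
    ClipEvent(10.4, "updater.exe", ETH_B),   # fast same-family overwrite
    ClipEvent(30.0, "browser.exe", BTC_A),
    ClipEvent(95.0, "browser.exe", BTC_B),   # user copied another address later
]

if __name__ == "__main__":
    for before, after in find_swaps(SAMPLE):
        print(f"{after.ts:.1f}s {after.writer} replaced {before.content} with {after.content}")
```

Legitimate clipboard managers can also rewrite the clipboard, so a hit is a triage signal that should be checked against the writing process rather than a verdict.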
Worth noting
According to the findings, the Eternity Stealer module and Jester Stealer have significant similarities. Both were most likely inspired by a GitHub project called DynamicStealer.
Final Remarks
On Telegram channels and underground forums, CaaS, or Crimeware-as-a-Service, is gaining traction. The risks posed by such toolkits are likely to grow as they can let fraudsters carry out a variety of nefarious operations online. As a result, businesses must strengthen their security strategies by providing security awareness training, reducing administrative controls, and upgrading policies and procedures.
Source: https://cyware.com/news/eternity-project-a-new-swiss-army-knife-for-threat-actors-782bd03f