Threat actors have unveiled a new all-in-one cybercrime solution that is said to benefit both sophisticated and low-level attackers. The new malware-as-a-service, dubbed ‘Eternity Project,’ may be configured with different modules depending on the type of attack being carried out.

Update:

The Eternity Project, discovered by Cyble Research Labs, is being actively marketed on a Tor website and a Telegram channel.

  • The cybercrime marketplace sells a range of malware. An information stealer, a currency miner, a clipper, ransomware, a worm, and a DDoS-based bot are among them.
  • Threat actors behind the new malware toolkit are promoting the features and malicious operations via extensive videos on Telegram.
  • They’re distributing new updates, indicating that threat actors are actively improving malware-as-a-service capabilities.
  • Surprisingly, even an amateur who wants to launch an attack can use this modular kit to create malware.

Tools in detail

  • The info-stealer module, sold for $260 per year, can steal passwords, credit cards, bookmarks, tokens, cookies, and autofill data from over 20 web browsers.
  • It has the ability to steal data from bitcoin extensions and even cold wallets. Password managers, VPN clients, messengers, and gaming clients are all targets.
  • The miner module is available for $90 per year and includes Monero mining, task manager concealment, and startup launch persistence.
  • The clipper malware costs $110 a year and is capable of scanning an infected machine’s clipboard for cryptocurrency wallet addresses and substituting them with threat actors’ crypto-wallet addresses.
  • The Eternity Worm costs $390 and may propagate on its own using USB drives, local network shares, local files, cloud drives, Python projects, Discord accounts, and Telegram accounts.
  • The Eternity ransomware module is the most expensive, costing $490. It targets documents, images, and databases and offers offline encryption using a mix of AES and RSA.
  • The DDoS bot software is still being developed.
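
The clipper behaviour described above leaves a recognisable trace: a wallet address on the clipboard is replaced, almost instantly, by a different address of the same type. The following is an added detection sketch, not code from the article or from Cyble's report; the clipboard-change log format, the one-second threshold, and the simplified address patterns are assumptions.

```python
import re
from dataclasses import dataclass

# Shape checks only (no checksum validation); simplified patterns, assumed here.
WALLET_PATTERNS = {
    "btc": re.compile(r"^(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[a-z0-9]{11,71})$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
    "xmr": re.compile(r"^[48][0-9AB][1-9A-HJ-NP-Za-km-z]{93}$"),
}

@dataclass
class Swap:
    kind: str
    copied: str
    replaced_with: str
    gap_seconds: float

def wallet_kind(text):
    """Return the wallet family a clipboard string looks like, or None."""
    value = text.strip()
    for kind, pattern in WALLET_PATTERNS.items():
        if pattern.match(value):
            return kind
    return None

def find_swaps(events, max_gap=1.0):
    """Flag an address replaced by a different address of the same family
    within max_gap seconds, faster than a person re-copies by hand."""
    swaps = []
    for (t0, before), (t1, after) in zip(events, events[1:]):
        kind = wallet_kind(before)
        if kind and kind == wallet_kind(after) and before.strip() != after.strip():
            if t1 - t0 <= max_gap:
                swaps.append(Swap(kind, before.strip(), after.strip(), t1 - t0))
    return swaps

# Constructed clipboard-change log: (seconds, clipboard text). Addresses are made up.
SAMPLE_EVENTS = [
    (0.0, "meeting notes draft"),
    (12.4, "0x" + "a1" * 20),   # user copies a payee address
    (12.6, "0x" + "ff" * 20),   # replaced 0.2 s later: suspicious
    (40.0, "1" + "B" * 30),     # user copies a BTC-shaped address
    (95.0, "1" + "C" * 30),     # different address 55 s later: plausible manual copy
]

if __name__ == "__main__":
    for s in find_swaps(SAMPLE_EVENTS):
        print(f"[{s.kind}] {s.copied} -> {s.replaced_with} after {s.gap_seconds:.1f}s")
```

The time threshold trades false positives against misses, so tune it against real clipboard telemetry before alerting on it.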

Worth noting

According to the findings, the Eternity Stealer module and Jester Stealer have significant similarities. Both were most likely inspired by a GitHub project called DynamicStealer.

Final Remarks

On Telegram channels and underground forums, CaaS, or Crimeware-as-a-Service, is gaining traction. The risks posed by such toolkits are likely to grow as they can let fraudsters carry out a variety of nefarious operations online. As a result, businesses must strengthen their security strategies by providing security awareness training, reducing administrative controls, and upgrading policies and procedures.

Source: https://cyware.com/news/eternity-project-a-new-swiss-army-knife-for-threat-actors-782bd03f