Site icon The Cybersecurity Daily News

Malware being sold on Telegram as part of the “Eternity project”

android malware

CyberDaily; Cybersecurity news

CyberDaily: Cybersecurity News

An unknown threat actor has been identified as the developer of a malware toolkit called the “Eternity Project”. The malware allows professional and amateur cybercriminals to buy stealers, clippers, worms, miners, ransomware, and a distributed denial-of-service (DDoS) bot. 

The malware-as-a-service(MaaS) is unique because it not only uses a Telegram channel to communicate updates about the latest features but also uses a Telegram Bot to allow purchasers to build the binary.

“The [threat actors] provide an option in the Telegram channel to customize the binary features, which provides an effective way to build binaries without any dependencies,” researchers from Cyble said in a report published last week.

Each of the modules is offered separately and allows access to a range of functions –

Cyble drew attention to redesigning existing codes relating to DynamicStealer by malware authors; the code is available on GitHub and trading under a new moniker for profit. 

Jester Stealer, another malware uncovered in February 2022 and has been used in phishing attacks against Ukraine, uses the same GitHub repository for downloading TOR proxies, suggesting a  possible link between the two threat actors.

The cybersecurity firm also said it “has observed a significant increase in cybercrime through Telegram channels and cybercrime forums where [threat actors] sell their products without any regulation.”

 Last week, BlackBerry exposed the inner workings of a remote access trojan called DCRat (aka DarkCrystal RAT) that’s available for sale at cheap prices on Russian hacking forums and uses a Telegram channel for sharing details regarding software and plugin updates.


Exit mobile version