Cybercriminals have introduced the ‘Eternity Malware Project,’ a new malware-as-a-service offering in which cyber attackers may buy a malware toolkit that can be modified with different modules based on the type of attack being carried out.
The Eternity Malware Project, discovered by Cyble Research Labs, is aggressively pushed on a Tor website and a Telegram channel.
Clients can choose from a wide range of products, including ransomware, worm, malware, DDoS (Distributed Denial of Service) bot, bitcoin mining apps, and more, with fees ranging from $90 (about Rs 7,003) to $490 (around Rs 38,125).
Researchers at Cyble who found the Eternity Malware Project said that while they hadn’t had time to investigate all of the modules, they had observed copies of the virus circulating and being used in the wild, and all user comments on Telegram point to this being a serious concern.
Cyble researchers discovered significant similarities between the stealer module and the Jester Stealer, both of which are likely sourced from a GitHub project called DynamicStealer.
“Curiously, anybody who buys the virus can use the Telegram Bot to construct the binary,” the researchers stated. “In the Telegram channel, the [cyber attackers] give an ability to configure the binary features, which provides an effective technique to construct binaries without any dependencies.”
Malware sales and subscriptions are alive and well in the cybercriminal world, with developers offering popular types of malware ranging from ransomware to DDoS and phishing programmes, as evidenced by the discovery of the Frappo phishing-as-a-service tool late last month.
Some criminals also provide access to infiltrated networks via stolen credentials or direct access.
The programmer has several options for monetizing their work with malware-as-a-service. They can use their malware to steal money, make money by leasing or selling the code, and charge for support and associated services. At the same time, criminals who lack the knowledge or time to create their own harmful code can just purchase it from someone else.
CaaS, or Crimeware-as-a-Service, is gaining acceptance in deep web and Telegram groups. Threats posed by such toolkits are anticipated to grow as they enable fraudsters to engage in a variety of destructive online activities.
Businesses must consequently strengthen their defences by providing security awareness training, reducing administrative controls, and upgrading policies and procedures.