Eternity Group Hackers Offering New LilithBot Malware as a Service to Cybercriminals

News

The threat actor behind the malware-as-a-service (MaaS) called Eternity has been linked to new piece of malware called LilithBot.

“It has advanced capabilities to be used as a miner, stealer, and a clipper along with its persistence mechanisms,” Zscaler ThreatLabz researchers Shatak Jain and Aditya Sharma said in a Wednesday report.

“The group has been continuously enhancing the malware, adding improvements such as anti-debug and anti-VM checks.”

CyberSecurity

Eternity Project came on the scene earlier this year, advertising its warez and product updates on a Telegram channel. The services provided include a stealer, miner, clipper, ransomware, USB worm, and a DDoS bot.

malware-as-a-service

LilithBot is the latest addition to this list. Like its counterparts, the multifunctional malware bot is sold on a subscription basis to other cybercriminals in return for a cryptocurrency payment.

CyberSecurity

Upon a successful compromise, the information gathered through the bot – browser history, cookies, pictures, and screenshots – is compressed into a ZIP archive (“report.zip”) and exfiltrated to a remote server.

The development is a sign that the Eternity Project is actively expanding its malware arsenal, not to mention adopting sophisticated techniques to bypass detections.

Products You May Like

Articles You May Like

The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk
Fake Donald Trump Assassination Story Used in Phishing Scam

Leave a Reply

Your email address will not be published. Required fields are marked *