Security News > 2022 > May > Shopping for malware: $260 gets you a password stealer. $90 for a crypto-miner...
According to researchers at cyber-intelligence outfit Cyble, the Eternity site's operators also have a channel on Telegram, where they provide videos detailing features and functions of the Windows malware.
Once someone decides to purchase of one or more of Eternity's malware components, they have the option to customize the final binary executable for whatever crimes they want to commit.
"Interestingly, individuals who purchase the malware can utilize the Telegram Bot to build the binary," the researchers wrote.
Malware sales and subscriptions are alive and well in the cybercriminal world, with popular malware types - from ransomware to DDoS and phishing programs, as illustrated by the detection of the Frappo phishing-as-a-service tool late last month - being peddled by developers.
The list of malware that can be bought from the Eternity Project is extensive.
"While it's new that you can use a Telegram bot to build or acquire commodity malware, it is just the latest path to market for commodity and low-end malware for the script kiddie crowd. From the prices they are charging, I wouldn't expect to see this often in enterprise attacks, but certainly attacks against consumers and SMBs who lack the tools to protect themselves from even basic threats would be the most frequent victims of these tools." .
News URL
https://go.theregister.com/feed/www.theregister.com/2022/05/14/eternity-project-malware-sale/
Related news
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Crypto-stealing malware posing as a meeting app targets Web3 pros (source)
- Windows, macOS users targeted with crypto-and-info-stealing malware (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)