A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'

A nascent service called Dark Utilities has already attracted 3,000 users for its ability to provide command-and-control services with the goal of commandeering compromised systems.
Users are provided an administrative panel to run commands on the machines under their control upon establishing an active C2 channel, effectively granting the attacker full access to the systems.
"Given the relatively low cost compared to the amount of functionality the platform offers, it is likely attractive to adversaries attempting to compromise systems without requiring them to create their own C2 implementation within their malware payloads," the researchers noted.
To add fuel to the fire, the malware artifacts are hosted within the decentralized InterPlanetary File System (IPFS) solution, making them resilient to content moderation or law enforcement intervention in a manner similar to "bulletproof hosting."
Dark Utilities is believed to be the handiwork of a threat actor who goes by the moniker Inplex-sys in the cybercriminal underground space, with Talos identifying some sort of "collaborative relationship" between Inplex-sys and one of the operators of a botnet service called Smart Bot.
"Platforms like Dark Utilities lower the barrier to entry for cybercriminals entering the threat landscape by enabling them to quickly launch attacks targeting a variety of operating systems," the researchers said.
News URL
https://thehackernews.com/2022/08/a-growing-number-of-malware-attacks.html