The platform supports multiple architectures. It seems that the operators are planning on expanding the list to offer a larger set of options for systems that could be targeted.
Further, the platform added support for ARMV71/ARM64 architectures, which are useful for targeting different embedded devices such as phones, IoTs, and routers.
This subscription-based platform provides several feature options to its users while setting up their C2.
Selecting an OS generates a command string that attackers need to add into PowerShell or Bash scripts to enable the retrieval and execution of the payload on the targeted systems.
The selected payload can be used to establish persistence on the targeted system by creating a Registry key on Windows OS, by Crontab entry, or a Systemd service on Linux.
Additionally, the administrative panel of the platform comes with different modules for different types of attacks, such as DDoS and cryptojacking.
In addition, the operators have set up support communities on Discord and Telegram to provide technical help and support to their customers.
The availability of ready-to-use C2aaS offerings at such low prices allows adversaries to carry out attacks quickly without much hassles of setting up a command center. The Dark Utilities service has already amassed thousands of subscribers due to its low prices, and it is further expected to attract more adversaries. To keep up with such threats and combat them, it is essential to continuously review and enhance defense mechanisms.