Eternity Project - A New Swiss Army Knife for Threat Actors

What’s the update?

• The cybercrime service offers a variety of malware for sale. These include an info-stealer, a coin miner, a clipper, ransomware, a worm, and a DDoS-based bot.
• The threat actors behind the new malware toolkit are using the Telegram to promote the features and malware operations through detailed videos.
• They are sharing new updates, which indicates that the threat actors are actively enhancing the features of malware-as-a-service.
• Interestingly, an amateur with the intention to launch an attack can also use this modular kit to build malware. 

Tools in details

• Info-stealer, which is sold for $260/year, can steal passwords, credit cards, bookmarks, tokens, cookies, and autofill data stored in over 20 web browsers. 
• It can pilfer information from cryptocurrency extensions or even cold wallets. It also targets password managers, VPN clients, messengers, and gaming clients.
• The miner module is sold at a price of $90/year and features Monero mining capability, task manager hiding, and startup launch persistence. 
• The clipper malware is set at a price of $110/year and is capable of monitoring the clipboard of an infected machine for cryptocurrency wallets and replacing them with threat actors’ crypto-wallet addresses.
• The Eternity Worm is being sold at a price of $390 and is capable of spreading on its own via USB drivers, local network shares, local files, cloud drives, Python projects, Discord accounts, and Telegram accounts.
• The Eternity ransomware is the most expensive module and is priced at $490. It supports offline encryption using a combination of AES and RSA and targets documents, photos, and databases.
• The DDoS bot malware is currently under development.

Worth noting

Conclusion