This 'undetectable' malware kit bundles a large number of threats into one package

Cybersecurity researchers have identified a dangerous new malware subscription service capable of facilitating a wide variety of attacks.

Dubbed the "Eternity Project," the modular malware kit contains features that allow buyers to steal passwords and credit card information, launch ransomware attacks, infect victims with cryptomining malware, and more.

In the future, the malware authors also intend to release new features, including a utility that helps users launch targeted DDoS attacks.

dangerous malware

The Eternity Project kit is marketed on a Telegram channel with around 500 members, which is used by developers to announce new features and instruct buyers on how to deploy the malware more effectively.

After selecting the desired feature set and paying the corresponding fee in cryptocurrency, buyers can use a Telegram bot to compile the binary automatically. The ransomware module is the most expensive of all (at €490/year), but channel members can purchase the cryptominer for less than €100/year.

An in-depth analysis of the infostealer module also highlights the versatility of the malware. According to the researchers, this unique utility can be used to collect various data from a wide range of applications, from web browsers and crypto wallets to VPN clients, messaging apps, and more.

Worryingly, it is claimed that the Eternity Project toolkit can also bypass antivirus and endpoint protection services, a claim backed up by VirusTotal testing. Researchers from Cyble, the company responsible for identifying the threat, also claim that the malware is actively circulating in the wild.

Despite the variety of threats posed by Eternity Project malware, Cyble says there are several ways to protect yourself. Best practice advice includes maintaining regular data backups, ensuring software is always up-to-date, and refraining from opening untrustworthy links and attachments.

Via BleepingComputer