Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service
Threat actors are using the Telegram messaging platform to spread the Eternity malware, according to researchers. An account promoting the project was detected by security researchers and has amassed more than 50 subscribers. The channel offers a range of threat activity, from information stealing to cryptocurrency mining to ransomware. The malware-as-a-service offering allows aspiring attackers to chose from a range of threats. The new malware service has been named Eternity Project by those who are running the operation. Prices on the services and tools range from $90 to $490.
Researchers from Cyble released a blog post on Thursday detailing the modules for sale on the channel, including clippers, stealers, miners, worms, and ransomware. Therefore, the threat actors can chose the best tool from the arsenal to fit the attack they would like to conduct. Eternity was discovered by researchers on a TOR website. Each module is sold individually and serves a different purpose, leading researchers to believe that that they are being repurposed from code in an existing Github repository.