For 9.99 euros, hackers get a C&C infrastructure with all the necessary features.
Dark Utilities, which offers an easy and inexpensive way for hackers to set up a C&C server for their malicious campaigns, has been discovered by Cisco Talos analysts. The service offers attackers a platform that supports payloads for Windows, Linux, and Python, and eliminates the difficulties associated with creating a C&C infrastructure.
Dark Utilities is advertised as a “C2-as-a-Service” (C2aaS – command and control server as a service), providing hackers with a secure, anonymous C&C infrastructure with all the extra features they need for just €9.99. The Cisco Talos report says that the service already has about 3,000 active subscribers, and its operators managed to earn about 30,000 euros.
Dark Utilities offers full C&C capabilities to its subscribers on both Tor and the public internet by hosting payloads on the Interplanetary File System (IPFS), a decentralized system for storing and exchanging data. In addition, the owners of the service plan to expand the list of available operating systems so that their subscribers can attack a wider range of devices.
Cisco Talos researchers claim that selecting an operating system generates a command line that hackers “commonly embed in Bash and PowerShell scripts to make it easier to find and deploy payloads on victim machines.” registry on Windows, Crontab entries, or Systemd services on Linux.
According to the researchers, the admin panel comes with many modules for various types of attacks, including DDoS and cryptojacking.
Cisco Talos specialists have already collected and published indicators of compromise, which should help defend against campaigns relying on Dark Utilities.