Eternity Project Malware Toolset Is a Potent Threat.

A dangerous new malware subscription service capable of facilitating a wide variety of attacks has been identified by security researchers.

Researchers refer to the service as “Eternity Project,” and have stated that the malware toolkit is modular in nature and allows purchasers to perform ransomware attacks, deploy cryptomining malware, steal passwords, and credit card information, and much more.

According to the Dark Web marketing communications observed by the researchers from Cyble, the developers plan to add new features over time, as most legitimate software developers would. One such feature that has been specified is a utility to facilitate the creation of distributed denial of service (DDoS) attacks that target specific entities. Eternity Project’s creators are currently marketing the solution via a Telegram channel through which Dark Web developers commonly announce new features and provide instructions to buyers on ways to most effectively use their products.

Using cryptcurrency, buyers choose what features they wish to use and pay associated fees, after which the customers can then use a Telegram Bot and auto-compile the required software binary file. Ransomware tools in the kit run at the highest prices at $490/year, whereas members of the channel are given a member discount for the cryptomining tool that makes it purchasable for less than $100/year.

Researchers performed an in-depth analysis of the infostealer module—by which passwords and credit card information can be snatched—and found it to be quite versatile. Apparently, that tool alone can harvest a variety of data from a wide range of commonly used software, including browsers, crypto wallets, VPN clients, direct messaging applications, and so on.

Most concerning is the fact that Eternity Project is supposedly able to evade anti-malware and advanced endpoint protection solutions. The researchers validated this claim using Virus Total tests. Recommended actions to protect organizations from this toolkit include the typical anti-ransomware measures—with regularly created offsite and unreachable backups—and maintaining appropriate patching cadences. Caution in viewing emails and websites can also reduce an organization’s risk exposure.

All this is supported by the implementation of a robust security program. Webcheck Security stands ready to assist your organization with identifying security gaps, closing them, and developing a program that keeps them closed—increasing your security posture over time. Reach out to Webcheck today to learn how we can help you achieve your security objectives.