A suspicious Telegram account with more than 500 subscribers offers a variety of threat modules for sale. The malware provided through the Telegram chat includes info-stealing tools, crypto-mining, ransomware as individual modules, and much more.
Cybercriminals are using Telegram to promote a new, modular malware-as-a-service offering for aspiring hackers. Those who subscribe to this Telegram channel can choose from a cornucopia of malware options to do some damage of their own at a relatively accessible price.
This project has been dubbed “The Eternity Project” and gives cybercriminals an option to easily target potential victims with a customized threat. Channel subscribers can buy their individual modules, with the prices for these malware tools ranging from $90 to $490. The modules don’t disappoint with their variety either. They include ransomware, clipper, worm, and miner, and they can steal passwords, credit card information, cookies, and much more. According to Cyble, the team behind “the Eternity Project” is now busy working on their next upgrade. This future module will offer distributed denial of service (DDoS) bots to the Telegram channel’s subscribers.
But for now, cybercriminals can buy the Eternity Miner, The Eternity Clipper, The Eternity Ransomware, and the Eternity Worm straight from the Telegram Chat. The Eternity Miner is the most accessible and sells at $90 for an annual subscription, while the Eternity Stealer goes for $260. The Eternity Worm, a virus that will spread through infected machines via file and network, is priced at $390. While the Eternity Ranswomare, the channels’ most expensive piece of the module, goes for $490 and can encrypt all kinds of documents, including photos and databases on disks, local shares, and USB drives, both online and offline.
The researchers discovered the channel through a TOR website, alerted by the evident growth in cybercrime through Telegram channels and cybercrime forums. Telegram allows threat actors to manage their channels without any supervision or regulation, which is why this platform has become such a hot spot for cybercrime.
Cyble also writes that each module is very likely to sell individually, and they all vary in functionality. Researchers also have a reasonable doubt to believe that modules are being repurposed from an existing Github repository, which people behind the Eternity Project are modifying and selling under a new name. Additionally, the group behind the Telegram channel is offering an annual subscription for $260 for those who want access to malware all year round. This is a cautionary tale for anyone who uses Telegram or is frequently online. Threat actors can now offer annual subscriptions to aspiring hackers should be enough of a warning.
As cyber threats become more elaborate, it is up to individual users to put effort into their cyber security. There is no silver bullet to prevent all cybercriminal activity that might come your way, but there are tools to make your device as attack-proof as possible. Firstly, you should always conceal your IP address when going online. Your IP address can reveal a lot about you, and most importantly, threat actors can use it to single you out as a target for cyber attacks. Most of us vastly overestimate our online anonymity, as our public IP address is easily accessible, and for many experienced hackers, that’s all it takes to infiltrate someone’s connection. This is why we recommend using a VPN, which will cover your tracks online and give you a fake IP address.
Secondly, it’s essential always to have a solid antivirus installed on your device. It will alert you of any suspicious files or activity on your device, and you can prevent the cyber attack from getting out of hand.
Lastly, avoid clicking on any links that look suspicious. It is common among cybercriminals to lure innocent users in with links that may appear normal. But soon after you click it, you will realize that it contains malware, and it is not the website you thought you were clicking on either. Don’t click on anything sent to you by strangers, and don’t click on pop-ups either, and you will save yourself a lot of trouble.
The best option would be to use all these tools in conjunction. The truth is that our privacy is the most sought-after commodity these days, which is why we are seeing such elaborate schemes aimed at spreading malware and infiltrating private devices. There are many ways hackers can capitalize on our negligence when it comes to cyber safety, so it is vital to stay alert and protect your personal data through various cyber security tools.