A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered — and it’s gaining traction.
As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.
The service supports payloads for Windows, Linux, and Python. It also saves hackers from initiating and setting up a C2 communication channel. For reference, a C2 server is the central hub in managing the distribution of malware.
It also allows threat actors to administer commands, configurations/new payloads, and, most importantly, extract data from systems that have been breached.
The Dark Utilities platform operates as a “C2-as-a-service” (C2aaS). It’s presented as an anonymous C2 infrastructure, with prices starting as low as 9.99 euros, or a little over $10.
It’s certainly starting to gain momentum among underground hacking services, with Cisco Talos confirming it already boasts 3,000 active subscribers. As a result, whoever is behind the operation is netting around 30,000 euros in revenue.
Word of Dark Utilities’ existence materialized in the opening stages of 2022. It delivers a fully fledged C2 system that is compatible with both the famed Tor network and regular browsers. Payloads are found within the Interplanetary File System (IPFS), which acts as a decentralized network system that stores and shares data.
Researchers from Cisco Talos confirmed that after an operating system is chosen by the threat actor, it produces a command string that “threat actors are typically embedding into PowerShell or Bash scripts to facilitate the retrieval and execution of the payload on victim machines.”
The report also adds how the administrative panel for Dark Utilities features various options for different attacks, ranging from the standard distributed denial-of-service (DDoS) operations and crypto-jacking.
Bleeping Computer stresses that when considering the popularity it has attained within the span of a few months, coupled with an attractive price point, Dark Utilities is all but set to become an even more in-demand platform, especially for hackers who don’t have a lot of experience in cybercriminal activity.
The amount of activity related to hacking throughout 2022 is unprecedented, to say the least. With hackers constantly changing their methods and moving faster than ever when it comes to scanning possible vulnerabilities, it’s no surprise that cyberattacks have nearly doubled since last year.
