Tuesday 23rd August 2022
IntSum – Week 32 | 8th – 12th August 2022
Key Issue: Cybercriminals leverage new C2aaS platform for malware campaigns
Cybercriminals: Ransomware groups compromise automotive sector companies
Nation-State: North Korea continues to launch revenue-generating campaigns
Hacktivist: Pro-Russian hacktivists target Currency with daily DDoS campaigns
KEY ISSUE EXPLAINED
Cybercriminals leverage new C2aaS platform for malware campaigns.
Since early 2022, cybercriminals have employed Dark Utilities, a new Command and Control as a service platform (C2aaS), to support their operational infrastructure.
Dark Utilities is sold for EUR 9.99 on dark web marketplace forums and marketed as a full-featured platform that enables command execution, Layer 4 and Layer 7 Distributed Denial of Service (DDoS) attacks, remote access to target networks, and Monero cryptocurrency mining on infected machines.
Dark Utilities also has the ability to host multiple types of payloads through its Interplanetary File System, which enables Dark Utilities users to target several architectures without individually possessing significant development resources. To date, cybercriminals have leveraged Dark Utilities
to target Windows and Linux systems, as well as gain remote access and deploy cryptocurrency miners.
Given its low cost and extensive functionality, we assess that in addition to the 3,000 current active subscribers, the Dark Utilities user base will continue to expand rapidly, especially amongst lesser skilled adversaries lacking the technical capability to develop their C2 infrastructure. An increase in subscribers will likely increase the volume of malware deployments attempting to establish C2 using Dark Utilities.
Get our latest cyber intelligence insights straight into your inbox every week
Fill out the short form below to subscribe to our newsletter so that you never miss out on our cyber intelligence insights and news.