The threat actor behind the malware-as-a-service (MaaS) known as Eternity has been linked to a new piece of malware known as LilithBot.
“It has superior capabilities for use as a miner, stealer, and a clipper together with its persistence mechanisms,” Zscaler ThreatLabz researchers Shatak Jain and Aditya Sharma said in a Wednesday report.
“The group has been constantly enhancing the malware, including enhancements comparable to anti-debug and anti-VM checks.”
Eternity Project came on the scene earlier this year, promoting its warez and product updates on a Telegram channel. The services offered include a stealer, miner, clipper, ransomware, USB worm, and a DDoS bot.
LilithBot is the latest addition to this list. Like its counterparts, the multifunctional malware bot is sold on a subscription basis to other cybercriminals in return for a cryptocurrency payment.
Upon a successful compromise, the information gathered by the bot – browser history, cookies, pictures, and screenshots – is compressed into a ZIP archive (“report.zip”) and exfiltrated to a remote server.
The development is a sign that the Eternity Project is actively expanding its malware arsenal, not to mention adopting sophisticated techniques to bypass detections.