The risk actor behind the malware-as-a-service (MaaS) referred to as Eternity has been linked to new piece of malware referred to as LilithBot.
“It has superior capabilities for use as a miner, stealer, and a clipper together with its persistence mechanisms,” Zscaler ThreatLabz researchers Shatak Jain and Aditya Sharma mentioned in a Wednesday report.
“The group has been constantly enhancing the malware, including enhancements corresponding to anti-debug and anti-VM checks.”
Eternity Venture got here on the scene earlier this yr, promoting its warez and product updates on a Telegram channel. The providers supplied embrace a stealer, miner, clipper, ransomware, USB worm, and a DDoS bot.
LilithBot is the most recent addition to this listing. Like its counterparts, the multifunctional malware bot is offered on a subscription foundation to different cybercriminals in return for a cryptocurrency cost.
Upon a profitable compromise, the data gathered via the bot – browser historical past, cookies, footage, and screenshots – is compressed right into a ZIP archive (“report.zip”) and exfiltrated to a distant server.
The event is an indication that the Eternity Venture is actively increasing its malware arsenal, to not point out adopting subtle strategies to bypass detections.