This ‘undetectable’ malware kit packs a whole load of threats into a single package

The Eternity Project malware toolkit is a potent weapon

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurity researchers have identified a dangerous newmalwaresubscription service capable of facilitating a wide variety of attacks.

Branded the “Eternity Project”, the modular malware kit contains functionality that enables buyers to stealpasswordsand credit card information, launchransomwareattacks, infect victims with cryptomining malware and more.

In future, the malware authors also intend to deliver new features, including a utility that helps users launch targetedDDoSattacks.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

Dangerous malware

The Eternity Project kit is being marketed in a Telegram channel with roughly 500 members, which is used by the developers to announce new features and instruct buyers on how to deploy the malware most effectively.

After selecting their desired feature set and paying the corresponding fee in cryptocurrency, buyers can reportedly utilize the Telegram Bot to compile the binary automatically. The ransomware module is the most expensive of all (at $490/year), but channel members can purchase the crypto miner for less than $100/year.

Battle.net hit by huge DDoS attack>The little-known pact at the heart of cybersecurity>REvil ransomware is officially back in action

A deep-dive analysis of the infostealer module also highlights the versatility of the malware. According to researchers, this single utility can be used to harvest various data from a diverse range of apps, fromweb browsersand crypto wallets toVPNclients, messaging apps and more.

Worryingly, the Eternity Project toolkit is supposedly capable of bypassingantivirusandendpoint protectionservices too, a claim corroborated by Virus Total tests. Researchers at Cyble, the company responsible for identifying the threat, also say the malware is actively circulating in the wild.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Despite the range of threats posed by Eternity Project malware, Cyble says there are a few ways people can protect themselves. The best-practice advice includes maintaining regulardata backups, ensuring software is always up to date and refraining from opening untrusted links andemailattachments.

ViaBleepingComputer

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Washington state court systems taken offline following cyberattack

Is it still worth using Proton VPN Free?

Top 3 things you have to try with the new ChatGPT search