Eternity has been wreaking havoc by making malware-as-a-service (MaaS) offerings available to any interested would-be cyber attacker since January 2022.1 And at very low prices (US$70–90),2 even novice hackers could launch destructive campaigns.
For now, LilithBot and Eternity’s other offerings are up for sale on the Dark Web. But is it conceivable they might permeate the Surface Web, too? Our deep dive into the threat revealed:
- 127 domains that shared the IoCs’ IP hosts, 13% of which are dubbed “malicious” by various malware engines
- 40 additional domains containing the strings “eternity + malware,” “eternity + channel,” “eternity + team,” “eternity + project,” and “lilithbot” that could readily serve as potential threat sources, one of which is suspicious
Download a sample of the threat research materials now or contact us to access the complete set of research materials.
—
- [1] https://www.zscaler.com/blogs/security-research/analysis-lilithbot-malware-and-eternity-threat-group
- [2] https://www.theregister.com/2022/10/10/eternity_lilithbot_malware_bundle/