Eternity Group behind LilithBot malware

Share post:

Zscaler researchers traced a newly discovered sample of LilithBot malware to the Eternity group, which is also behind the MaaS malware-as-a-service model.

“ThreatLabz recently discovered a sample of the multi-function malware LilithBot in our database. Further research revealed that this was associated with the Eternity group (a.k.a. EternityTeam; Eternity Project), a threat group linked to the Russian ‘Jester Group,’ that has been active since at least January 2022. Eternity uses an as-a-service subscription model to distribute different Eternity-branded malware modules in underground forums, including a stealer, miner, botnet, ransomware, worm +dropper and a DDoS bot,” the report, published by Zscaler, states.

LilithBot, an advanced malware, is a versatile threat that can be used as a miner, stealer and clipper. It can steal all information from infected systems, including browsing history, cookies, images and screenshots, and then upload it as a zip file to Command and Control.

It is also a multifunctional malware that is offered via a MaaS model and can be purchased through Tor, where it sells a wide range of malware, including stealers, miners, ransomware and DDoS bots.

Eternity Group is also working to improve the malware by adding new features such as anti-debugging features, anti-VM checks, and a DDoS bot malware that borrows code from the existing GitHub repository to actively expand its malware inventory and deploy advanced detection techniques.

LilithBot is sold to cybercriminals on a subscription basis: The Stealer module costs $260 per year, the Miner module $90 per year, Clipper malware $110, ransomware costs $490 and the Eternity worm $390.

The sources for this piece include an article in TheHackerNews.

SUBSCRIBE NOW

Related articles

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

A Hacker’s View Of The City: Cyber Security Today Special Edition

Discover how hackers exploit smart cities' vulnerabilities and what this means for our critical infrastructure. In this gripping...

Ransomware Surge Targets U.S. Energy and Utilities Sector Amid Legacy System Challenges: Report

A recent Trustwave SpiderLabs report underscores the growing cybersecurity challenges in the U.S. energy and utilities sector, driven...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways