Skip to main content

Hacking-as-a-service lets hackers steal your data for just $10

A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered — and it’s gaining traction.

As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.

Related Videos
A depiction of a hacker breaking into a system via the use of code.
Getty Images

The service supports payloads for Windows, Linux, and Python. It also saves hackers from initiating and setting up a C2 communication channel. For reference, a C2 server is the central hub in managing the distribution of malware.

It also allows threat actors to administer commands, configurations/new payloads, and, most importantly, extract data from systems that have been breached.

The Dark Utilities platform operates as a “C2-as-a-service” (C2aaS). It’s presented as an anonymous C2 infrastructure, with prices starting as low as 9.99 euros, or a little over $10.

It’s certainly starting to gain momentum among underground hacking services, with Cisco Talos confirming it already boasts 3,000 active subscribers. As a result, whoever is behind the operation is netting around 30,000 euros in revenue.

Word of Dark Utilities’ existence materialized in the opening stages of 2022. It delivers a fully fledged C2 system that is compatible with both the famed Tor network and regular browsers. Payloads are found within the Interplanetary File System (IPFS), which acts as a decentralized network system that stores and shares data.

Researchers from Cisco Talos confirmed that after an operating system is chosen by the threat actor, it produces a command string that “threat actors are typically embedding into PowerShell or Bash scripts to facilitate the retrieval and execution of the payload on victim machines.”

The report also adds how the administrative panel for Dark Utilities features various options for different attacks, ranging from the standard distributed denial-of-service (DDoS) operations and crypto-jacking.

Bleeping Computer stresses that when considering the popularity it has attained within the span of a few months, coupled with an attractive price point, Dark Utilities is all but set to become an even more in-demand platform, especially for hackers who don’t have a lot of experience in cybercriminal activity.

The amount of activity related to hacking throughout 2022 is unprecedented, to say the least. With hackers constantly changing their methods and moving faster than ever when it comes to scanning possible vulnerabilities, it’s no surprise that cyberattacks have nearly doubled since last year.

Editors' Recommendations

Hackers used 30,000 computers for record-breaking DDoS attack
An illustration of a grid of devices with one in red, infected device highlighted.

Hackers launched a record-breaking distributed denial of service (DDoS) attack over the weekend, employing a network of botnets to make requests from over 30,000 IP addresses.

While that isn't a big network of computers, the onslaught was able to exceed 71 million requests per second (rps), surpassing the previous record of 46 million rps set in June 2022 by 35%. This is what's known as a volumetric attack that consumes the target website's bandwidth by sending large amounts of data from multiple sources at once.

Read more
Great, hackers are now using ChatGPT to create malware
A laptop opened to the ChatGPT website.

A new threat has surfaced in the ChatGPT saga, with cybercriminals having developed a way to hack the AI chatbot and inundate it with malware commands.

The research firm Checkpoint has discovered that hackers have designed bots that can infiltrate OpenAI's GPT-3 API and alter its code so that it can generate malicious content, such as text that can be used for phishing emails and malware scripts.

Read more
Voice actors seeing an increasing threat from AI
best podcast apps for android microphone in radio station broadcasting studio

Voice actors are the latest creatives to feel the heat from artificial intelligence (AI).

According to a Motherboard report this week, those providing their voices for content such as ads, gaming titles, and animations have been noticing how clients are increasingly asking them to sign contracts that hand over the rights to their voice so that AI can be used to create a synthetic version.

Read more