Skip to main content

Hacking-as-a-service lets hackers steal your data for just $10

A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered — and it’s gaining traction.

As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.

A depiction of a hacker breaking into a system via the use of code.
Getty Images

The service supports payloads for Windows, Linux, and Python. It also saves hackers from initiating and setting up a C2 communication channel. For reference, a C2 server is the central hub in managing the distribution of malware.

It also allows threat actors to administer commands, configurations/new payloads, and, most importantly, extract data from systems that have been breached.

The Dark Utilities platform operates as a “C2-as-a-service” (C2aaS). It’s presented as an anonymous C2 infrastructure, with prices starting as low as 9.99 euros, or a little over $10.

It’s certainly starting to gain momentum among underground hacking services, with Cisco Talos confirming it already boasts 3,000 active subscribers. As a result, whoever is behind the operation is netting around 30,000 euros in revenue.

Word of Dark Utilities’ existence materialized in the opening stages of 2022. It delivers a fully fledged C2 system that is compatible with both the famed Tor network and regular browsers. Payloads are found within the Interplanetary File System (IPFS), which acts as a decentralized network system that stores and shares data.

Researchers from Cisco Talos confirmed that after an operating system is chosen by the threat actor, it produces a command string that “threat actors are typically embedding into PowerShell or Bash scripts to facilitate the retrieval and execution of the payload on victim machines.”

The report also adds how the administrative panel for Dark Utilities features various options for different attacks, ranging from the standard distributed denial-of-service (DDoS) operations and crypto-jacking.

Bleeping Computer stresses that when considering the popularity it has attained within the span of a few months, coupled with an attractive price point, Dark Utilities is all but set to become an even more in-demand platform, especially for hackers who don’t have a lot of experience in cybercriminal activity.

The amount of activity related to hacking throughout 2022 is unprecedented, to say the least. With hackers constantly changing their methods and moving faster than ever when it comes to scanning possible vulnerabilities, it’s no surprise that cyberattacks have nearly doubled since last year.

Editors' Recommendations

Zak Islam
Computing Writer
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more
Is ChatGPT creating a cybersecurity nightmare? We asked the experts
A person's hand holding a smartphone. The smartphone is showing the website for the ChatGPT generative AI.

ChatGPT feels pretty inescapable right now, with stories marveling at its abilities seemingly everywhere you look. We’ve seen how it can write music, render 3D animations, and compose music. If you can think of it, ChatGPT can probably take a shot at it.

And that’s exactly the problem. There's all manner of hand-wringing in the tech community right now, with commenters frequently worrying that AI is about to lead to a malware apocalypse with even the most green-fingered hackers conjuring up unstoppable trojans and ransomware.

Read more
These embarrassing passwords got celebrities hacked
dt10 language and tech motorola razr v3 paris hilton

One thing that celebrities have in common with everyday people is that they are also susceptible to cybersecurity breaches. Many public figures have had their private and public tech accounts hacked over the years and these attacks have often been due to them simply having weak passwords that were easy for bad actors to figure out.

Socialites, actors, politicians, and even prominent tech figures are guilty of lazy password practices, and falling victim to cybercrime that has compromised their passwords.
President Donald Trump

Read more