Dark Utilities: Off the shelf Command-And-Control Attacks…

by

August 8, 2022

Entities offering Cyberattacks-as-a-Service are fairly common and the newest member of the club, called Dark Utilities, is gaining popularity quickly.

First spotted in 2022, Dark Utilities specializes in Command-and-Control (C2) attacks. C2-as-a-Service (C2aaS) can include remote access, command execution, distributed denial-of-service (DDoS) attacks, and more. And all for the low low cost of €9.99 (about $10.20 US) per attack.

Once the end-user makes the purchase, they’re presented with a dashboard from which they can run their nefarious scheme. That dashboard allows them to custom tailor payloads to specific operating systems as well as run commands on infected machines.

To make matters worse, Dark Utilities uses the InterPlanetary File System (IPFS) to host its malware bits and baubles. This makes content moderation and intervention from law enforcement nearly impossible.

Once a payload has been generated, it’s up to the end-user to solicit it amongst their targets. From what we can tell Dark Utilities doesn’t offer any means of helping the buyer target and install its product on end-points.

How can you protect yourself?

At this time we can’t rightly say if any of the next-generation protective products would be of much help in defending you from an infestation. There’s a good chance they would. They keep up to date regarding emerging threats and whatnot.

The best way to protect yourself is through understanding the process, or life cycle, of these kinds of attacks and knowing where the weak points (so to speak) are.

For that, we recommend you familiarize yourself with Social Engineering Attacks. Attackers typically use social engineering attacks to accomplish their goals of infecting your end-points and other information technology systems.

If you and your end-users can learn how to spot one of these attacks, you’ll be doing yourself a huge favor in the long run.

Check out Security7 Network’s Social Engineering Attack Guide.

 

Carl Keyser is the Content Manager at Integris.

Keep reading

Bridging the Gap between Automation and Innovation

Bridging the Gap between Automation and Innovation

Automation and Innovation. Some people might say those two words cancel each other out. Yet, I believe these two concepts can create capacity for each other—if your business leverages the free time automation creates to foster innovation. Automation can be...

Hot New Ways to Customize Microsoft Teams for Your Industry in 2024

Hot New Ways to Customize Microsoft Teams for Your Industry in 2024

Nearly everyone with Microsoft Teams knows what a tremendous tool it is for chat, document sharing, and meetings between individuals or large groups. We’re used to using the tool as it appears on our screens daily. But did you know hundreds of integrations available...

Why Is My Laptop Draining So Fast?

Why Is My Laptop Draining So Fast?

Before You Replace Your Laptop Battery, Try These Fixes First Stuck with a laptop that’s running out way before it’s standard 8-10 hours of run time? Don't throw it out just yet.  Try these quick fixes to extend its life: Reduce your screen brightness If possible,...