Skip to main content

Hacking-as-a-service lets hackers steal your data for just $10

A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered — and it’s gaining traction.

As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.

A depiction of a hacker breaking into a system via the use of code.
Getty Images

The service supports payloads for Windows, Linux, and Python. It also saves hackers from initiating and setting up a C2 communication channel. For reference, a C2 server is the central hub in managing the distribution of malware.

Recommended Videos

It also allows threat actors to administer commands, configurations/new payloads, and, most importantly, extract data from systems that have been breached.

Please enable Javascript to view this content

The Dark Utilities platform operates as a “C2-as-a-service” (C2aaS). It’s presented as an anonymous C2 infrastructure, with prices starting as low as 9.99 euros, or a little over $10.

It’s certainly starting to gain momentum among underground hacking services, with Cisco Talos confirming it already boasts 3,000 active subscribers. As a result, whoever is behind the operation is netting around 30,000 euros in revenue.

Word of Dark Utilities’ existence materialized in the opening stages of 2022. It delivers a fully fledged C2 system that is compatible with both the famed Tor network and regular browsers. Payloads are found within the Interplanetary File System (IPFS), which acts as a decentralized network system that stores and shares data.

Researchers from Cisco Talos confirmed that after an operating system is chosen by the threat actor, it produces a command string that “threat actors are typically embedding into PowerShell or Bash scripts to facilitate the retrieval and execution of the payload on victim machines.”

The report also adds how the administrative panel for Dark Utilities features various options for different attacks, ranging from the standard distributed denial-of-service (DDoS) operations and crypto-jacking.

Bleeping Computer stresses that when considering the popularity it has attained within the span of a few months, coupled with an attractive price point, Dark Utilities is all but set to become an even more in-demand platform, especially for hackers who don’t have a lot of experience in cybercriminal activity.

The amount of activity related to hacking throughout 2022 is unprecedented, to say the least. With hackers constantly changing their methods and moving faster than ever when it comes to scanning possible vulnerabilities, it’s no surprise that cyberattacks have nearly doubled since last year.

Zak Islam
Former Digital Trends Contributor
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
This massive exploit lets hackers breach apps like Chrome, 1Password, and Telegram
A dark mystery hand typing on a laptop computer at night.

A massive security bug has just been discovered that affects WebP images used in untold numbers of websites and apps, and it could potentially let hackers break into your computer and extract data from it. In fact, Google has already seen it being actively exploited in the wild. Because of that, it’s essential that you patch your computer as soon as possible.

The discovery has been detailed by researcher Alex Ivanovs, who wrote about the bug in a blog post. Right now, it seems to affect almost all of the best web browsers, including Chrome, Firefox, Edge, and Brave. WebP images are used all over the web, meaning huge numbers of sites and apps could be affected.

Read more
This dangerous new Mac malware steals your credit card info
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

Read more
Lapsus$ hackers convicted of breaching GTA 6, Nvidia, and more
A hacker typing on an Apple MacBook laptop, which shows code on its screen.

The Lapsus$ hacking gang caused havoc in 2021 and 2022 with a series of high-profile security breaches and ransom demands. Yet things have been very quiet since then, and two alleged members of the group have just been convicted in the U.K., potentially bringing an end to one of the most notable hacking sprees in recent times.

According to Bloomberg and the BBC, two people accused of being members of the gang were convicted in the U.K. of a number of crimes, including serious computer misuse, blackmail, and fraud. The defendants included Arion Kurtaj, 18, and a 17-year-old male who could not be named due to his age. Both defendants are autistic and psychiatrists deemed that Kurtaj was not fit to stand trial, so he did not give evidence. They will both be sentenced at a later date.

Read more