Malware-as-a-service threat group Eternity Project has included the new LilithBot
malware in its arsenal, according to
The Hacker News.
LilithBot "has advanced capabilities to be used as a miner, stealer, and a clipper along with its persistence mechanisms," a report from Zscaler ThreatLabz found, adding that the malware has been continuously improved by the Eternity Project to include anti-debug and anti-VM checks. Systems impacted by LilithBot would have their information, such as browser history, cookies, screenshots, and photos, collected and compressed into a ZIP archive, which is then sent to a remote server, noted researchers. Since its emergence earlier this year, the Eternity Project has leveraged a Telegram channel to promote its various services, which include a ransomware, stealer, clipper, miner, distributed denial-of-service bot, and a USB worm, which could be availed on a subscription basis. Eternity Project's use of LilithBot indicates active expansion in its malware toolkit, as well as its continuous implementation of detection evasion approaches.