Dark Utilities “C2-as-a-Service” is attracting a growing number of customers searching for a command-and-control platform for their campaigns.
The popularity of the Dark Utilities “C2-as-a-Service” is rapidly increasing; over 3,000 users are already using it as command-and-control for their campaigns.
Dark Utilities, launched in early 2022, is a platform that provides full-featured C2 capabilities to its users. It is advertised as a platform to enable remote access, command execution, distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations on infected systems.
It allows threat actors to target multiple architectures without requiring technical skills. The operators of the platform offer technical support and assistance to customers through Discord and Telegram.
“Dark Utilities provides payloads consisting of code that is executed on victim systems, allowing them to be registered with the service and establish a command and control (C2) communications channel,” reads the analysis published by Cisco Talos researchers. “The platform currently supports Windows, Linux and Python-based payloads, allowing adversaries to target multiple architectures without requiring significant development resources.”
The platform is hosted on both the clear internet and the Tor network. Its operators offer premium access to the platform, associated payloads and API endpoints for 9.99 euros. At the time of writing, the platform had enrolled roughly 3,000 users, which is approximately 30,000 euros in income.
The Dark Utilities platform uses Discord for user authentication and implements a dashboard displaying platform statistics, server health status and other metrics.
Users can generate new payloads for specific operating systems and deploy them on the