The Dark Utilities platform offers C2 servers as a service (C2aaS) to execute distributed denial-of-service (DDoS) attacks, command execution, remote access, and initiate mining operations on the victim’s system by its subscribers. For the following reasons, C2aaS is critical to the entire cybersecurity community:
The sophisticated C2 server as a service targets affiliates with amateur knowledge to easily launch remote attacks across platforms, meaning subscribers can transfer payloads to the Windows, Linux, and Python-supported systems.
The platform is actively working on expanding its support list for other platforms. Recently, they have extended their support for ARM64 and ARMV71 architectures to launch attacks on several internet-connected devices, including Wi-Fi routers.
To make the job easier for its end customers, Dark Utilities offers technical support via its Telegram and Discord channels.
To maintain the authenticity and integrity of the C2aaS service, Dark Utilities follows a method of authentication via Discord before allowing anyone to access its service.
The platform offers a few ready-to-deploy payloads and is hosted on the Interplanetary File System (IPFS) to evade the enforcement departments and block code moderation. For the uninitiated, IPFS operates like a Tor2Web network via its gateways to ensure users don’t require any client applications to access the content.
Like ransomware as a service (RaaS) operators, Dark Utilities also offers a dashboard prompting every important attack metric, including server health and platform statistics. Such dashboards are implemented to make the attack cycle easy for the users.
The C2aaS platform lets users generate new malware payloads by selecting a particular operating system from the dashboard. Once the target operating system is set, the system automatically generates a command string to retrieve and execute the malware payload on victim systems.
The premium access to the C2aaS service is available at just 9.99 euros, which is dirt cheap compared to hsting a C2 server individually. As expected, almost 3,000 users have already enrolled in the service at press time.