“DIANA” Malware Control Framework for Sale

Threat Actor: Advanced Cybercriminals
Victim: Organizations with EDR Solutions
Price: $3,700
Exfiltrated Data Type: Sensitive Information

Key Points:

  • The DIANA framework is a sophisticated Command and Control (C2) tool designed for advanced threat actors.
  • It is offered for sale at a price of $3,700, which includes full source code and continuous updates.
  • DIANA is capable of bypassing Endpoint Detection and Response (EDR) solutions, making it appealing to cybercriminals.
  • The framework features a web-based C2 panel that allows for remote control from various devices, enhancing operational flexibility.
  • It includes advanced malware capabilities, enabling attackers to install implants on target devices and control them remotely.
  • DIANA can evade detection by EDR and Intrusion Detection Systems (IDS) by using legitimate services as a proxy.
  • Customization options allow users to tailor DIANA’s payloads to bypass security measures effectively.
  • It supports collaboration among multiple users for coordinated attacks on the same target.
  • Stealth features include deployment behind Cloudflare and the use of decoy pages to conceal the C2’s existence.
  • DIANA is user-friendly, with automated installation scripts that simplify the setup process for users with limited technical skills.
  • The framework is cross-platform and compatible with IoT devices, ensuring operational versatility.
  • DIANA is written in multiple programming languages, showcasing its adaptability and sophistication.

The sale of DIANA highlights the increasing sophistication of tools available to cybercriminals, emphasizing the need for organizations to strengthen their security measures against such advanced threats.

The post “DIANA” Malware Command and Control Framework for Sale appeared first on Daily Dark Web.

A recent dark web announcement has revealed the sale of a sophisticated Command and Control (C2) framework named “DIANA,” designed explicitly for advanced threat actors. The seller is offering the complete package, which includes full source code and continuous updates, for $3,700. The seller claims that DIANA is a powerful tool capable of bypassing Endpoint Detection and Response (EDR) solutions, making it an attractive option for cybercriminals looking to conduct stealthy operation

Key Features of DIANA:
  • Web-Based C2 Panel: DIANA’s interface is fully web-based and responsive, allowing operators to control it from various devices, including mobile phones. This flexibility ensures ease of use in different environments.
  • Advanced Malware Capabilities: Attackers can install implants on target devices and control them remotely. DIANA uses standard technologies like HTTP for compatibility, avoiding the need for proprietary protocols. As a result, the framework remains versatile across different scenarios.
  • EDR and IDS Bypass: DIANA can evade detection by EDR and Intrusion Detection Systems (IDS), using legitimate services as a proxy. This approach makes its traffic appear normal, even to network-level protections, significantly increasing its stealth capabilities.
  • Customization and Flexibility: Users can customize DIANA’s pre-built payloads with various options to bypass security measures. Additionally, the framework supports collaboration, allowing multiple users to operate on the same target simultaneously. This feature is particularly beneficial for coordinated attacks.
  • Stealth Features: DIANA can be deployed behind Cloudflare, which increases its resilience against takedown attempts. Moreover, it includes “decoy pages” that further conceal the C2’s existence, adding another layer of security for the operator.
  • Easy Deployment: DIANA is user-friendly, simplifying the setup process. The seller provides a script that automates the installation of web servers, databases, and the framework itself. Consequently, even users with limited technical skills can deploy it effectively.
  • Cross-Platform and IoT Compatibility: DIANA is versatile, working on various devices, including IoT, by avoiding the storage of any state on the target device. This feature ensures that DIANA remains operational across different platforms.

The framework is written in multiple programming languages, including PHP, HTML, CSS, JavaScript, Go, Python, MySQL, and Bash, emphasizing its adaptability.

The sale of DIANA underscores the growing sophistication of tools available to cybercriminals. The ability to bypass modern security solutions like EDR and IDS could lead to significant breaches. Therefore, organizations should strengthen their security measures and remain vigilant against such advanced threats.
