Security company Uptycs has said that the group appears to be announcing this new offering on different forums where the cyber criminals hang out. For a small share of the profits, you too can use their malware in your campaign. Like many other “as-a-service” groups on the daker side of the web they enable smaller less sophisticated groups to get in on the action for less cost than it would be to set up your own infrastructure and either develop or reverse engineer your own malware.

Cyclops has shown that it is a sophisticated group with a GoLang based ransomware for MacOS and Linux. The information stealer also is written in Go and seems to target information about the target system along with specific files (txt, doc, xls, pdf, etc.) Once after searching through a system, it then uploads them to a control server that the Cyclops affiliate can monitor.

This move by Cyclops is not new, it is following the pattern of other groups that are moving more and more into the professional service offering market. They have the money and resources to develop sophisticated malware, and other people want those tools. Sadly, this is a great example of how a free market works. Someone has a service that others want, so they build it and offer more tools, discounts etc. to keep their business and grow revenue. Oh what a time to be alive.