New Cybercrime Market 'OLVX' Gains Popularity Among Hackers

Cyber Security Threat Summary:
ZeroFox Researchers have identified a new online marketplace dubbed ‘OLVX’ which has become a popular place for cybercriminals to purchase tools and services that can be used to launch cyberattacks. Unlike previous marketplaces which were hosted on the dark web, OLVX is being hosted on the Clearnet, allowing it to gain more attraction and a broader range of users. Below is a list of the different items that can be purchased on the marketplace using cryptocurrency:

  • Access to compromised legitimate websites worldwide, with the ability to verify the connection before purchase. Prices are as low as under $5.
  • Over 6,000 active cPanel accesses are available, presumably from compromised sites. Details like country, domain, hosting provider, and rankings are provided, with prices generally under $10.
  • Compromised Remote Desktop Protocol and Secure Shell access to potentially legitimate servers, priced under $10, with verification of credentials' validity before purchase. Pricing varies based on access level and system specs.
  • Over 1,000 compromised SMTP accounts and scripts for running email campaigns, with prices less than $10.
  • Over 8,000 compromised webmail credentials, allowing for searches of specific domains needed for social engineering attacks, priced at just a few dollars.
  • Bulk lists containing email addresses and compromised credentials, used for large-scale attacks like phishing or brute force, priced between $1-200 depending on the database size, target, and country.
  • Credentials from specific domains/services, including user to administrator access, with prices varying. Items for sale include accounts from adult websites, providing a social engineering angle.
  • Pre-developed phishing kits, some with advanced features like 2FA bypass, priced up to $150 for feature-rich kits and below $20 for general pages. The kits target various sectors, including retail and finance.
Security Officer Comments:
While it’s hard to verify the authenticity of items being sold, online marketplaces like OLVX enable less experienced actors to launch cyberattacks. With OLVX’s rise in popularity, cybercriminals will continue to flock to the marketplace. As the holidays approach closer, we could see an increase in attacks using the various tools and services being sold on OLVX. In light of this organizations should remain vigilant and secure defenses to deter potential cyberattacks against their infrastructure.