New Dark Web Market OLVX Advertising Variety of Hacking Tools

Threat actors exploit underground markets by purchasing or selling stolen data, malware, and hacking tools to facilitate cybercrime. 

These underground markets provide the following key facilities among threat actors that fuel the growth of cyber threats:-

• Anonymity
• Enabling illegal transactions
• Enabling illegal collaboration

Cybersecurity researchers at Zerofox recently discovered a new underground market dubbed, OLVX (olvx[.]cc) found to be advertising a wide variety of hacking tools for illicit activities.

New Underground Market OLVX

OLVX launched on July 1, 2023, and since then, it has offered several illicit tools and services to threat actors.

Unlike other markets, OLVX concentrates on aiding cybercriminals with tools for data theft during the 2023 holiday retail rush.

ZeroFox found a significant spike in OLVX marketplace activity in fall 2023, where more items sold, and buyers rushed to a new store. 

Investigation reveals OLVX stems from leaked OLUX code (2020/2021). Though OLUX code is outdated, post-leak stores use improved versions. OLVX hides on Cloudflare for web hosting and better accessibility.

OLVX, not on the dark web, uses SEO and forums for customer growth. Prioritizing service, it operates a Telegram channel for support. Strong customer relationships boost OLVX’s reputation and profits. 

Admins partner with cybercriminals for custom toolkits, expanding offerings. Unlike others, OLVX skips escrow and opts for direct crypto payments. 

Customers maintain a balance for transactions, increasing sales, and besides this, “Top-off” instructions are given via a time-limited crypto address when funds run low.

Items Sold on OLVX

Here below, we have mentioned all the items that were sold on the OLVX underground marketplace:-

• Shells
• cPanels
• Remote Desktop Protocol (RDP)
• Secure Shell (SSH) Access
• SMTP Accounts and Mailers
• Webmail Accounts
• Leads
• Combo Lists
• Accounts
• Phish Kits (Scampages)

OLVX hides hosting with Cloudflare and advertises DDoS protection via Simple Carrier LLC, which is known for sketchy content hosting.

OLVX and similar marketplaces thrive as cybercriminal hubs during the holiday season, supplying tools for targeting campaigns. 

As consumers shop, cyber threats escalate, with OLVX providing essential tools for criminals, making it the ‘most wonderful time of the year’ for illicit activities.