New Cybercrime Market OLVX Flourishing in Plain Sight

The OLVX Marketplace, identified by ZeroFox researchers, is a new and growing underground market that offers a wide array of tools for helping threat actors succeed in online fraud and cyberattacks. This rise in cybercrime activity is especially concerning as it coincides with the busiest shopping period of the year – the Christmas holidays.

OLVX, accessible via olvx[.]cc, diverges from the norm of cybercrime marketplaces operating in the shadows of the dark web. Instead, it boldly exists on the clear web, making it more accessible and visible to regular users. This strategic move also allows the marketplace to leverage search engine optimization (SEO) techniques, further enhancing its visibility and extending its reach to a broader audience. The use of Cloudflare to obscure its actual hosting location further aids in its accessibility and continued operation.

Since its inception on July 1, 2023, OLVX has seen a marked increase in both buyers and sellers. It offers cPanel credentials, webshells, RDP credentials, SMTP accounts, and a plethora of other tools and services invaluable to cybercriminals. Prices are surprisingly low, with some items like webshells available for under $5. This affordability, combined with the extensive range of products, makes OLVX an attractive destination for threat actors.

The marketplace also boasts extensive lists of leads and compromised accounts, including those involving high-level services and adult websites. These resources are invaluable for threat actors looking to conduct large-scale phishing or brute-force attacks.

Another distinctive feature of OLVX is its payment system. Unlike many underground markets that rely on escrow services, OLVX employs a direct payment model using various cryptocurrencies. Users deposit funds into the marketplace and maintain a balance, prompting more frequent purchases.

What makes OLVX particularly concerning is its timing. ZeroFox reported a surge in its marketplace activity as we approach the holiday season. This upswing implies that while consumers are busy with online shopping, cybercriminals are equally busy on OLVX, arming themselves with tools to exploit the unsuspecting.

While the true extent of OLVX's impact is yet to be fully understood, its emergence is a stark reminder of the evolving nature of cybercrime. The straightforward web hosting and aggressive marketing strategies demonstrate a new level of brazenness in the cybercriminal world. This trend underscores the need for heightened vigilance among consumers and businesses alike, particularly during high-traffic periods like the holiday season.