Dark Web deals: Password stealing malware Ovidiy now up for sale for just $7

India Ashok
Computer code

A new password stealing malware, dubbed Ovidiy, is now being sold dirt cheap on the dark web. The hackers selling the malware have also offered "testimonials" from satisfied customers, presumably to help prove its authenticity and effectiveness. Security researchers said the malware is currently priced between $7 and $13 (£5 - £ 9) and is being marketed primarily in "Russian-speaking regions".

The malware has also been updated several times since it was first spotted in June. To make it easier for potential buyers to purchase Ovidiy, the cybercriminals marketing the credential stealing malware are using a payment service called "RoboKassa", considered to be the Russian equivalent of PayPal. Researchers at Proofpoint say that the payment service allows buyers to pay using credit cards.

Trending: Elon Musk launches mysterious new X.com website with single cryptic letter

"The growing number of samples demonstrate that criminals are actively adopting this malware," Proofpoint security experts said. "Ovidiy Stealer is offered for sale on ovidiystealer[.]ru, a domain which will help attract potential customers and, as noted above, also the C&C domain. The malware boasts support, features, and login access to the web panel. The admin panel for Ovidiy Stealer allows the botmaster to view statistics on infected machines, view logs, build more stubs, and manage the account."

Despite being priced so low, the malware is designed to evade detection and is capable of targeting multiple applications. Ovidiy also sends any passwords it finds to the hackers operating the malware, which leaves organisations at risk of being targeted multiple times, especially in the event of password reuse.

Don't miss: Transforming the property market: Watch this folding 'origami' house build itself in minutes

What happens to your data once it is on the dark web?

In order to boost sales, the cybercriminals marketing Ovidiy have included statistics and showcase plans for future upgrades of the malware. The Proofpoint researchers said the malware is "lightweight" and simple to use, which when combined with the malware developers' frequent updates and support system, provide it the potential to become a "much more widespread threat",

Most popular: Researchers 3D printed an artificial silicone heart and it works

"While it is not the most advanced stealer we have seen, marketing and an entry-level price scheme make it attractive and accessible to many would-be criminals," the Proofpoint researchers said.

"Stolen credentials continue to be a major risk for individuals and organisations, because password re-use can enable one stolen login to compromise several more accounts, and the sale of stolen accounts continues to be a lucrative market for criminals looking for quick profits. Ovidiy Stealer highlights the manner in which the cybercrime marketplace drives innovation and new entrants and challenges organisations that must keep pace with the latest threats to their users, their data, and their systems."

You may be interested in: