Cheap Password-Stealing Malware, Phishing Tools

August 1, 2017 | By Kimberly Reynolds

Cyber criminals are offering malware-as-a-service to anyone who can pay. Earlier, the cost may have been quite high, depending on the capabilities of the malware; nowadays it is being offered at very low cost, just $7 to $13, and the malware on offer is no joke. Enter organized cyber crime. In a bid to better monetize malware, organized gangs and malware code developers seem to have gotten together to offer malware-as-a-service.

Phishing-as-a-Service (PhaaS), Ransomware-as-a-Service, DDoS-as-a-Service, password-stealing malware and more are all on offer. Dangerous malware is being made available to aspiring hackers and criminal groups, who no longer need to be expert coders or system architects. It has become pretty easy now. Malware is being offered for outright purchase, on a subscription basis and on a pay-per-use model. Cyber criminals can purchase or subscribe to these tools and use them to build threat networks and launch attacks.

The Ovidiy Stealer is a new credential stealer that is quite active in Russian-speaking regions of the world, and believe it or not, it costs just $7 to $13. The cost is astoundingly low! The developers are constantly working on it, and new builds are more robust than the earlier ones. So far, several versions have been observed, and they are being found in Russia, the United Kingdom, the Netherlands, and other countries.

The Ovidiy Stealer is quite sophisticated malware. It could be running on an enterprise network, but since its behavior does not look particularly suspicious, it usually avoids being blocked or deleted. The malware is encrypted and hence is designed to escape analysis and detection by traditional anti-malware tools.

Some versions of the Ovidiy Stealer work against just a single application or browser, while others are versatile and can target multiple browsers. This malware is being spread in the usual ways: malicious email attachments, fake software and malicious links.

Malicious communication with SSL Security

Ovidiy Stealer can communicate with a command-and-control (C&C) server, and the unique part is that it uses SSL to secure that communication.

Cyber security experts also report on another new low-cost malware-as-a-service offering: a new phishing tool that allows beginner scammers to launch their careers in the cyber crime world. This tool enables scammers to generate phishing pages for prominent mail services such as Gmail and Yahoo Mail, and for other applications such as Facebook. In this case, too, the phishing tool's website is hosted with an SSL certificate. This certificate further helps in duping even cautious website visitors.

Malware is evolving, and cyber criminals are utilizing SSL certificates, which are rather easy to acquire. SSL certificates denote a secure website, and hence it would be better if proper validation measures were followed before SSL certificates are issued.

Posted in SSL
