ZeroFox Intelligence Brief - New Underground Market Comes Online Just in Time for the Holidays

ZeroFox Intelligence Brief - New Underground Market Comes Online Just in Time for the Holidays

Product Serial: B-2023-12-07b

TLP:CLEAR

In this Intelligence Brief, ZeroFox researchers provide an overview of a new underground market known as OLVX Marketplace that is gaining notoriety just in time for the holidays.

Standing Intelligence Requirements

Deep Dark Web and Criminal Underground

For the most up-to-date list of ZeroFox’s Intelligence Requirements, please visit:

https://cloud.zerofox.com/intelligence/advisories/14956

Link to Download

View the full report here.

Executive Summary

Threat actors have opened a new underground market known as OLVX Marketplace (olvx[.]cc) that is gaining notoriety just in time for the holidays. This new marketplace claims to sell all the tools necessary to commit online fraud, manipulate the very savviest of online shoppers, and make this time of year much less merry and bright. OLVX follows a trend ZeroFox Intelligence has observed relating to multiple underground marketplaces now operating on the clear web, whereas in the past, most would only operate on the deep or dark web (DDW).

On or about July 1, 2023, OLVX came online with legitimate and well-respected threat actors advertising tools such as phish kits, remote desktop connections, cPanel credentials/access, webshells, SPAM sending systems, stolen data, webmail access, and leads/combo lists. Underground marketplaces, even those hosted on the clear web, sell a myriad of products and services to assist cybercriminals in their day-to-day operations. While some marketplaces specialize in illegal/illicit products such as drugs, counterfeit products, and hacked gift cards, OLVX focuses less on end-user products and more on tools and services to aid cybercriminals in their activities to obtain data, many of which can be deployed by threat actors looking to capitalize on the busy 2023 holiday retail season.