Wednesday, April 23, 2025
Follow us On Linkedin
HomeComputer SecurityNew L0RDIX Multipurpose Hacking Tool Advertised in Dark Web Forums

New L0RDIX Multipurpose Hacking Tool Advertised in Dark Web Forums

Computer SecurityCyber Security NewsDark Web

Published on

By Gurubaran
New L0RDIX Multipurpose Hacking Tool Advertised in Dark Web Forums

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Cybercriminals advertising L0rdix Multipurpose malware in dark web forums, designed to be a universal go-to tool for attackers.

It developed aiming windows machine, it combines stealing, cryptocurrency mining techniques and stealthy methods to avoid malware scanning.

ENSILO security researcher, Ben Hunter discovered the L0rdix multipurpose malware advertised on dark web forums. The malware written in .NET targeting windows machine combines stealing and mining methods.

- Advertisement - Google News

With this malware, attackers can get complete information about the victim’s PC and they can execute commands, file uploads, and other functions, also it includes a number of mining modules.

L0rdix
Image Credits: ENSILO

The malware advertised for 4000Ruble ($60.96) and it presents a dashboard with makes the job more easy for an attacker.

L0rdix
Image Credits: ENSILO

In order to avoid detection, the malware employees common malware analysis tools name and also uses WMI queries to check the string to determine whether it is running under a virtual environment.

L0rdix supports a wide variety of actions aiming to make it a universal “go to” tool for attackers that require different capabilities. It’s obvious that the writer’s preferred code simplicity while investing in a larger spectrum of capabilities to offer the buyer reads ENSILO blog post.

Once the L0rdix executed in the victim’s machine it gathers complete system information and transfers to the server by encrypting data using the AES algorithm.

The malware contains Botnet, Crypto wallet stealing and stealer functionality. It monitors clipboard activities for specific wallet types such as Bitcoin, Ethereum, Litecoin, Monero, Ripple and Doge.

L0rdix targets following browsers Chrome, Kometa, Orbitum, Comodo, Amigo, Torch and Opera and extracts login details, also it extracts cookie information from browsers.

The dark web markets remain as a place for selling stolen credit cards, the underground offers hacker-for-hire services, hacking tools, tutorials and more. These dark web markets are accessible through anonymization services such as Tor or I2P.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can check the Vulnerability Management Analysis to keep your self-updated

Hackers Offering DDoS-for-Hire Service Powered by Bushido Botnet in Dark Web Markets

Dark Web Hosting Provider Got Hacked, 6,500+ Sites Including Root Account Deleted From Server

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cloud

Google Cloud Composer Flaw Allows Attackers to Gain Elevated Privileges

Research disclosed a now-patched high-severity vulnerability in Google Cloud Platform’s (GCP) Cloud Composer service,...
CVE/vulnerability

Moodle Core vulnerabilities Allow Attackers to Evade Security Measures

A recent security audit has uncovered critical vulnerabilities within Moodle, the widely used open-source...
cyber security

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network...
cyber security

Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft

The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

Cloud

Google Cloud Composer Flaw Allows Attackers to Gain Elevated Privileges

Research disclosed a now-patched high-severity vulnerability in Google Cloud Platform’s (GCP) Cloud Composer service,...
CVE/vulnerability

Moodle Core vulnerabilities Allow Attackers to Evade Security Measures

A recent security audit has uncovered critical vulnerabilities within Moodle, the widely used open-source...
cyber security

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved