Wednesday, November 6, 2024
HomeComputer SecurityNew L0RDIX Multipurpose Hacking Tool Advertised in Dark Web Forums

New L0RDIX Multipurpose Hacking Tool Advertised in Dark Web Forums

Published on

Malware protection

Cybercriminals advertising L0rdix Multipurpose malware in dark web forums, designed to be a universal go-to tool for attackers.

It developed aiming windows machine, it combines stealing, cryptocurrency mining techniques and stealthy methods to avoid malware scanning.

ENSILO security researcher, Ben Hunter discovered the L0rdix multipurpose malware advertised on dark web forums. The malware written in .NET targeting windows machine combines stealing and mining methods.

- Advertisement - SIEM as a Service

With this malware, attackers can get complete information about the victim’s PC and they can execute commands, file uploads, and other functions, also it includes a number of mining modules.

L0rdix
Image Credits: ENSILO

The malware advertised for 4000Ruble ($60.96) and it presents a dashboard with makes the job more easy for an attacker.

L0rdix
Image Credits: ENSILO

In order to avoid detection, the malware employees common malware analysis tools name and also uses WMI queries to check the string to determine whether it is running under a virtual environment.

L0rdix supports a wide variety of actions aiming to make it a universal “go to” tool for attackers that require different capabilities. It’s obvious that the writer’s preferred code simplicity while investing in a larger spectrum of capabilities to offer the buyer reads ENSILO blog post.

Once the L0rdix executed in the victim’s machine it gathers complete system information and transfers to the server by encrypting data using the AES algorithm.

The malware contains Botnet, Crypto wallet stealing and stealer functionality. It monitors clipboard activities for specific wallet types such as Bitcoin, Ethereum, Litecoin, Monero, Ripple and Doge.

L0rdix targets following browsers Chrome, Kometa, Orbitum, Comodo, Amigo, Torch and Opera and extracts login details, also it extracts cookie information from browsers.

The dark web markets remain as a place for selling stolen credit cards, the underground offers hacker-for-hire services, hacking tools, tutorials and more. These dark web markets are accessible through anonymization services such as Tor or I2P.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can check the Vulnerability Management Analysis to keep your self-updated

Hackers Offering DDoS-for-Hire Service Powered by Bushido Botnet in Dark Web Markets

Dark Web Hosting Provider Got Hacked, 6,500+ Sites Including Root Account Deleted From Server

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Azure API Management Vulnerabilities Let Attackers Escalate Privileges

Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could...

Google Patches High-Severity Vulnerabilities in Chrome

Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities....

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages...

APT36 Hackers Attacking Windows Deevices With ElizaRAT

APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Azure API Management Vulnerabilities Let Attackers Escalate Privileges

Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could...

Google Patches High-Severity Vulnerabilities in Chrome

Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities....

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages...