Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Cybeattacks. Show all posts

Rise of OLVX: A New Haven for Cybercriminals in the Shadows

 


OLVX has emerged as a new cybercrime marketplace, quickly gaining a loyal following of customers seeking through the marketplace tools used to conduct online fraud and cyberattacks on other websites. The launch of the OLVX marketplace follows along with a recent trend in cybercrime marketplaces being increasingly hosted on the clearnet instead of the dark web, which allows for wide distribution of users to access them and for them to be promoted through search engine optimization (SEO). 

Research conducted by Zerofox cybersecurity researchers discovered that there is a new underground market called OLVX (olvx[.]cc) that was advertising a wide variety of hacking tools for illicit purposes and was linked to a large number of hacking tools and websites. 

Researchers at ZeroFox, who detected OLVX at the end of July 2023, have noted a marked increase in activity on the new marketplace in the fall, noticing that both buyers and sellers are increasing their activity on the marketplace. 

There have been several illicit tools and services offered to threat actors by OLVX since its launch on July 1, 2023. As opposed to the other markets that OLVX operates in, it focuses on providing cyber criminals with tools that they can take advantage of during the 2023 holiday peak season in retail. 

ZeroFox found that OLVX marketplace activity spiked significantly in fall 2023 due to more items selling on the marketplace, and buyers rushing to the new store to purchase those items. OLVX is estimated to be the result of leaked OLUX code from 2020/2021, according to an investigation. 

Post-leak stores use improved versions of OLUX code, even though the old OLUX code is outdated. For better accessibility and better web hosting, OLVX hides the contents of its website on Cloudflare. For customer growth, OLVX does not make use of the dark web; instead, it relies on SEO and forums to grow customers.

For customer support, OLVX runs a Telegram channel to provide support. The company's reputation and earnings are boosted by strong relationships with its customers.  Unlike most other markets of this nature, OLVX does not rely on an escrow service to ensure funds are protected.

Instead, it offers a "deposit to direct payment" system which supports Bitcoin, Monero, Ethereum, Litecoin, TRON, Bitcoin Cash, Binance Coin, and Perfect Money as cryptocurrencies. By doing this, users are encouraged to spend more, because funds are always available, so browsing leads to more frequent purchases for the user. 

To maintain privacy and security, customers who are running low on funds are advised to use time-limited anonymous cryptocurrency addresses to "top-off" their accounts, in order to maintain funds. During the holiday season, OLVX and similar marketplaces thrive as cybercriminal hubs, supplying tools for targeting campaigns to cybercriminals during the colder months. 

On the site, OLVX offers hosting via Cloudflare and advertises DDoS protection through Simple Carrier LLC, which is a substandard hosting provider.  Consumers are increasingly putting their security at risk as they shop. 

OLVX is one of the leading tools that criminals use during the holiday season for illicit activities, making this the time of year when criminals run their heists. Due to the unique nature of the platform, an independent verification team can not verify that the above quality and validity claims are accurate, however, users believe that OLVX's rising popularity and established reputation lend credibility to the majority of the claims. 

Interestingly, Zerofox indicates that fraudulent activity on the platform starts to increase as users get closer to the holiday shopping season, which means that buyers should maintain heightened vigilance so as to avoid scams and identify fraud.

Breaching Nature's Firewall: The Convergence of the Climate Change Crisis and Cyberattacks

 



Corporate strategies are being transformed by ESG considerations – which are now becoming a permanent feature of the economic services sector as they transform corporate strategies. A change in ESG practices cannot be brought about by internal or external pressures if stakeholders do not perceive that the changes can be financially beneficial. The evidence for this is unrefutable; the financial performance of companies that introduce sustainable principles is always strong over the long run if they implement sustainable practices. In addition to reducing costs, increasing productivity, and increasing demand, ESG and financial performance have some links. 

Climate change and cybercrime have similarities worth mentioning. Both groups pose increasing threats. These kinds of risks threaten the safety and security of our basic resources, such as water, energy, and infrastructure. 

It is possible that cyber-attacks and weather events, such as hurricanes, could have serious real-world consequences. ESG disclosure is becoming one of the most important factors for companies operating within the financial services industry. As the public's, investors, and the state's concerns grow, this is becoming an increasingly important issue. 

ESG-oriented regulations have increased considerably in the UK and globally as a result of the increasing number of regulations focusing on ESG. 

A company with ample resources and the ability to respond quickly to these unexpected challenges is more likely to be able to overcome them without being exposed to security risks. 

There will be an increase in cyber threats to their users as a result of this. Despite this, many companies need more resources and capacity to react appropriately and effectively to devastating weather events. This leaves weak spots in their defense system that can be exploited by hackers in case of disasters. 

There is an apparent link between these two threats – and cyber-security – that have enveloped our planet for years now. 

As a way of highlighting the connection between climate change and cybersecurity, Chloe Messdaghi, CEO and Founder, of Global Secure Partners, stated that climate change and cybersecurity are related to the same thing, but that connection is complex and multifaceted. Climate change is leading to greater cyber-threat opportunities. 

Societies rely on technology to combat and mitigate climate change. Technology plays a crucial role in improving resource management and sustainability efforts, from renewable energy systems to smart grids to connected devices. Although increasing dependence on technology is a good thing, it also brings new avenues to hack and get access to sensitive information. Cybercriminals have been able to gain entry into new areas through technological advancements, providing them with a wider attack surface from which to attack and exploit targets. If they succeed in their cyberattacks, there can be severe consequences for hackers who fail to penetrate renewable energy systems and smart grids, such as blackouts, disrupted services, and cascading effects on society.

Amongst the strongest indications that the green energy sector is growing, we can point to the occurrence of cyberattacks that are targeting it. Cybercriminals are becoming more and more interested in renewable energy systems as they become the backbone of economic operations in the future. The energy infrastructure is a critical component of society and the collapse of it could result in a blackout that would have catastrophic consequences.

It has become increasingly complex and interconnected for businesses to navigate an increasingly complex world in which they are confronted with two major challenges: cyber threats and global climate change. Breach of security may cause companies to suffer financial losses, damaging their reputations, and compromising customer information. 

There is a significant risk of operational disruption and supply chain issues arising from the effects of climate change, such as extreme weather events and a shortage of resources. For businesses to meet these challenges effectively, understanding the interplay between these challenges becomes imperative. This includes implementing resilience strategies to mitigate climate risks and cybersecurity policies to protect against evolving threats. Business continuity and sustainability can both be severely compromised in the event neither of these issues is addressed and they do not get resolved appropriately. 

There is no doubt that a cyberattack on the Colonial Pipeline in May 2021 represents a convergence between the climate change crisis and cyberattacks. This critical infrastructure was shut down, leading to panic buying, fuel shortages, and an increase in pollution emitted along the US East Coast. This was due to the shutdown of critical infrastructure. There was a severe cyber-attack on critical systems as a result of the incident, with climate change worsening the threat. 

A key point highlighted was that there was potential for data manipulation and the political ramifications that might result from upsetting an infrastructure that is essential to society. This example highlights the urgent need to develop integrated approaches to tackle the challenges posed by climate change as well as cyberattacks. 

Cyber security and climate change are both unaccountable, as is the lack of accountability for them. The problem of climate change is difficult to diagnose because everything plays a role, so it is extremely difficult to pinpoint who is responsible. 

Financial services face several challenges and opportunities related to climate change and cybersecurity. With climate catastrophes and their occurrences becoming more frequent and more severe, financial institutions must be prepared to deal with the associated risks, such as disruptions in their operations, supply chains, and investments, due to climate-related events. They must strengthen their cybersecurity defenses to protect sensitive data and protect themselves against all evolving cyber threats. 

It is possible to enhance resilience and risk assessment by embracing innovative technologies like AI and blockchain. For climate change to be mitigated and financial systems to be protected, collaboration between stakeholders is crucial. This includes incorporating climate risk into financial decision-making processes and fostering information sharing when developing robust strategies.