BleepingComputer reports that more threat actors have been engaging in the new clearnet-hosted OLVX cybercrime market, as indicated by the significant increase in activity since being first identified in July.
Aside from offering access to compromised websites and more than 6,000 active cPanels, OLVX also peddles more than 8,000 breach email credentials, more than 1,000 compromised SMTP accounts, email and password lists, phishing kits, and domain/service credentials, according to a report from ZeroFox, which linked the accelerated rise of OLVX to its operators' search engine optimization initiatives, aggressive advertising efforts, and word of mouth.
The findings also showed the absence of an escrow service in the cybercrime market, which has opted for a "deposit to direct payment" system instead.
"While the OLVX marketplace offers thousands of individual products across numerous categories, its site administrators maintain relationships with various cybercriminals who create custom toolkits and can obtain specialized files, thereby furthering OLVX's ability to maintain and attract customers to the platform," said ZeroFox.
Thousands of organizations across the U.S. have been targeted by a new phishing campaign deploying the Bumblebee malware, which was last observed in the wild in September, according to BleepingComputer.