STYX – A New Dark Web Marketplace Selling DDOS Tools & Banking Malware

In Cybersecurity News - Original News Source is by Blog Writer

Post Sharing

Researchers from Rsecurity discovered a recently opened marketplace named STYX; it was found to be opened around January 19, 2023.

Cybercriminals operating this marketplace primarily focus on financial fraud, money laundering, and identity theft.

The portal was found to be designed using the escrow module, which enables threat actors to brokerage between the buyers and sellers.

To access any services, users are required to register with the portal. Once registered, they can browse a wide range of services.

“STYX also offers a Trusted Sellers section, presumably where the admins of STYX have vetted reliable vendors, before whitelisting them.” reads the Rsecurity blog post.

Users are linked to Telegram groups that grant access to tools for online banking theft and fraud, such as anti-detects, device fingerprint emulators, and spoofers.

The portal also got listed in the “Enclave Service,” which is known to be a reputable service on the dark web.

STYX Marketplace also offers vendors list selling the “compromised online banking, credit cards, cryptocurrency, e-commerce account credentials, as well as stolen credit card data.”

Threat actors sell Personal Identifiable Information (PII), stolen social security numbers (SSNs), ID-related data, and payment data.

Threat actors also offer Lookup Services named “Kraken” to gather information about the targeted individual.

With the help of information-gathering tools, attackers can gather complete details of the victim and enhance the chance of successfully compromising their bank or credit card accounts.

Telephone And Email Flood Services

As we indicated earlier, the marketplace has all the tools for performing financial fraud.

In addition, they offer Telephone and Email Flood Services that can overwhelm the target’s phone and email accounts with many calls and messages.

Keeping the victim’s phone overloaded prevents the account owner from contacting the bank or anti-fraud team.

Network Security Checklist – Download Free E-Book

Related Read: