OnyxC2 is a Malware-as-a-Service stealer sold on a cybercrime network with pricing tiers starting at $250 per month, with a premium option at $500 and a private purchase option for $6,000. BlackFog found that the stealer combines broad credential harvesting, stealth, persistence, and remote-access features to turn one infected workstation into long-term access across a victimβs accounts and systems. #OnyxC2 #BlackFog
Keypoints
- OnyxC2 is offered as a stealer for hire through a Malware-as-a-Service model.
- Its pricing starts at $250 per month, with premium and private options available.
- The package includes lures such as FinePrint, SystemSettings, fake Windows updates, and Fling-Standalone.
- It targets browsers, extensions, password managers, wallets, FTP clients, email clients, and more than 200 applications and extensions.
- It also includes HVNC, LSASS dumping, keylogging, reverse shell access, TOR tunneling, and AES-256-encrypted downloads.