A new, advanced hacking tool has recently been spotted on Dark Web hacking forums. It is capable of data theft and cryptocurrency mining, and it tries to evade detection by anti-malware tools. The malware, named LOrdix, has been identified as a multipurpose attack tool that targets PCs running the Windows operating system.
According to Ben Hunter, a cybersecurity researcher at enSilo, the software is a recent discovery that is still under development but can already carry out multiple tasks without the victim's knowledge. The malware has been sold on the Dark Web for $60 USD or 4,000 rubles. It has also been found to be capable of infecting and affecting other connected Windows devices.
The major problem with this malware is that it tries to avoid detection by anti-virus and anti-malware tools. It uses registry keys and WMI queries, and looks for strings that indicate virtual environments and sandboxes. Once it identifies any anti-virus or anti-malware tools, it disables their engines by bypassing them.
The data the malware collects is used to decide whether the machine is suitable for mining cryptocurrency or whether to take over crypto wallets along with the corresponding Bitcoins. The mining module in LOrdix is still somewhat weak, because the software is under construction and its authors need more time to make the module effective.
The authors chose to obfuscate the malware circulating on Dark Web hacking forums from an early stage. To that end, the 32-bit application was built using the ConfuserEx obfuscator. A more sophisticated obfuscator, .NETGuard, is also used on some samples.
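
For triage, the properties named above (a 32-bit .NET build obfuscated with ConfuserEx) can be checked statically from the PE headers. The Python code below is an added example, not code from enSilo's research or from the malware itself; it assumes the sample still carries the `ConfusedByAttribute` watermark that ConfuserEx adds by default, and the names `triage` and `build_sample` and the header bytes are constructed for illustration.

```python
import struct

IMAGE_FILE_MACHINE_I386 = 0x14C
PE32_MAGIC = 0x10B                  # optional-header magic for PE32 (32-bit layout)
CLR_DIRECTORY_INDEX = 14            # data directory entry pointing at the .NET CLR header
WATERMARK = b"ConfusedByAttribute"  # assumption: default ConfuserEx watermark not stripped

def triage(data: bytes) -> dict:
    """Static facts about a PE image: PE32/i386 header, .NET, ConfuserEx watermark."""
    result = {"pe": False, "pe32_i386": False, "dotnet": False, "confuserex_mark": False}
    if len(data) < 0x40 or data[:2] != b"MZ":
        return result
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return result
    result["pe"] = True
    # COFF header: Machine, NumberOfSections, TimeDateStamp, symbol table info,
    # SizeOfOptionalHeader, Characteristics (20 bytes in total).
    machine, _, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    if opt_size < 2 or opt + opt_size > len(data):
        return result
    (magic,) = struct.unpack_from("<H", data, opt)
    result["pe32_i386"] = machine == IMAGE_FILE_MACHINE_I386 and magic == PE32_MAGIC
    # Data directories start 96 bytes into a PE32 optional header, 112 into PE32+.
    entry = opt + (96 if magic == PE32_MAGIC else 112) + 8 * CLR_DIRECTORY_INDEX
    if entry + 8 <= opt + opt_size:
        rva, size = struct.unpack_from("<II", data, entry)
        result["dotnet"] = rva != 0 and size != 0
    result["confuserex_mark"] = WATERMARK in data
    return result

def build_sample(watermark: bool) -> bytes:
    """Constructed minimal PE32 header (not a real sample) to exercise triage()."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<II", opt, 96 + 8 * CLR_DIRECTORY_INDEX, 0x2008, 0x48)
    body = b"\0" + WATERMARK + b"\0" if watermark else b""
    return dos + b"PE\0\0" + coff + bytes(opt) + body

if __name__ == "__main__":
    print(triage(build_sample(watermark=True)))
```

A missing watermark does not rule out ConfuserEx, since the marker can be removed, and a PE32/i386 header also appears on .NET assemblies that are not restricted to 32-bit execution, so treat both results as triage hints rather than verdicts.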