Securityaffairs.Co
OnyxC2 Stealer: Advanced Malware-as-a-Service Threatens Enterprise Security
OnyxC2 Stealer has emerged as a significant Malware-as-a-Service (MaaS) threat, targeting over 210 applications for credential theft and remote access. Sold for as little as $250 per month, it employs sophisticated evasion techniques, including DLL sideloading and encrypted payloads, making detection difficult. The malware can harvest sensitive data from various platforms, including browsers, password managers, and cryptocurrency wallets. Its persistence allows continuous access across user sessions, raising concerns for organizations with complex third-party dependencies. The developers offer refunds if their builds are detected, indicating confidence in their evasion capabilities. The malware's modular architecture and web-based control panel make it usable by less-skilled attackers, increasing the risk of widespread exploitation. OnyxC2 is currently being actively marketed on cybercrime forums, posing a growing threat to enterprise security.
Key Points:
• OnyxC2 Stealer targets over 210 applications, including browsers and password managers.
• The malware uses DLL sideloading and encrypted payloads to evade detection by antivirus software.
• It is sold as a service for $250 per month, with a refund policy for detected builds.