Inside OnyxC2: The New Stealer Targeting 210 Apps

OnyxC2 emerged in early 2026 as a malware-as-a-service stealer sold on cybercrime networks for $250 monthly. The platform includes a web panel, payload builder, and tiered pricing structure with refund guarantees. Written in C++ with assembly for direct syscalls, it targets approximately 210 applications across nine categories: 45 browsers, 109 extensions including 2FA tools, 5 password managers, 17 cryptocurrency wallets, 11 FTP clients, 5 email clients, and VPN/messaging applications. The stealer achieves 99% detection evasion through mutated builds and delivers via DLL sideloading using signed binaries. Higher tiers unlock remote access capabilities including HVNC, LSASS dumping, reverse SOCKS5 proxy, keylogging, and reverse shell. Distribution occurs through fake installers delivered as password-protected archives, with C2 communication over Cloudflare-fronted HTTPS to akmuniverstall.top.

Pulse ID: 6a301309d410a2c508c138d4
Pulse Link: https://otx.alienvault.com/pulse/6a301309d410a2c508c138d4
Pulse Author: AlienVault
Created: 2026-06-15 14:58:17

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#2FA #Browser #Cloud #CyberCrime #CyberSecurity #Email #HTTP #HTTPS #InfoSec #Malware #MalwareAsAService #OTX #OpenThreatExchange #Password #Proxy #SideLoading #VNC #VPN #Word #bot #cryptocurrency #hVNC #socks5 #AlienVault


Sanglant diner / Bloody game / 血まみれのゲーム #詩 #poeme #vampires #proies #https://gerdesilets.wordpress.com/2020/09/28/sanglant-diner-bloody-game-poem/

For this year's Halloween
some strange goths we invited
to be the fools of our dinner
unfortunately it went wrong
when our strange guests then
revealed their true faces
for real vampires we had invited
and so we were the fools
for them a very bloody dinner
and of our blood we were quickly drained

🚨 NEWS: TLS and HTTPS: Handshake, Certificates and Secure Versions — Advanced Guide for Developers and DevOps

Here are the key points in brief:
💡 Your site loads over HTTPS. The padlock is green. And yet one day the report arrives: "certificate expired", "handshake failed", "TLS version deprecated". The client doesn't understand, the traffic ca...

🚀 LINK: https://meteoraweb.com/sicurezza-informatica/tls-e-https-handshake-certificati-e-versioni-sicure-guida-avanzata-per-sviluppatori-e-devops

#nginx #tLS #hTTPS #handshake #certificatiSSL

Free's Pages Perso reach an important milestone. After several months of quiet migration, the sites hosted free of charge by the operator now display an HTTPS security certificate, ending a long-standing anomaly on the modern web.

https://www.universfreebox.com/article/594893/27-ans-apres-son-lancement-lun-des-plus-anciens-services-de-free-fait-enfin-sa-mise-a-niveau

#Free #https

27 years after its launch, one of Free's oldest services finally gets its upgrade

Free's Pages Perso reach an important milestone. After several months of quiet migration, the sites hosted free of charge by the operator now display an HTTPS security certificate, ending a long-standing anomaly on the modern web. Long stuck on HTTP, Free's Pages Perso seem to have definitively switched to HTTPS. According to our […]

Univers Freebox

🚀🎩 Behold, the magical world of #zeroserve where, by the power of #Caddy compatibility and some tech jargon jiu-jitsu, a simple #HTTPS #server transmogrifies into the superhero of latency! 🦸‍♂️✨ But wait, the real question is: did anyone ask for this server drama in the first place? 🤔🖥️
https://su3.io/posts/zeroserve-caddy-compat #latency #techdrama #servernews #HackerNews #ngated
Caddy compatibility for zeroserve: 3x throughput and 70% lower latency