‘A Simple – Yet Threatening Malware’
Selling this type of malware at so low a price is something new in this dark, digital wilderness of mirrors. Proofpoint noted that “the malware is essentially a password stealer that was available on the product’s official website, ‘ovidiystealer[.]ru.’ And, like any other consumer product website, it features customer reviews, statistics regarding the sales and efficacy of the product, and much more,” Mr. Hassan wrote.
The sale of this kind of malware at such a cheap price, and in a form that “can be so easily accessed by criminals,” is unusual, Mr. Hassan noted. In that sense, Ovidiy is an outlier that breaks the mold.
According to Proofpoint, the malware is designed for one purpose: stealing passwords. Mr. Hassan adds that the Ovidiystealer site posts ‘customer reviews,’ satisfaction and effectiveness statistics, and notices about updates and newer versions. Customers can pay using “RoboKassa – a Russian-based, digital platform for transferring money, and similar to PayPal,” Mr. Hassan explained. “Customers can also use credit cards,” he added, something that I would not recommend.
‘A Closer Look At The Malware’
“Ovidiy is currently being sold in the Russian [digital] market,” Mr. Hassan writes, and “has a number of versions.” Proofpoint’s research showed Ovidiy first became available in June 2015, and “the malware is written in .NET; and, the executable files are encrypted, making further [detailed] analysis and investigation difficult.” Furthermore, he adds, the author of the malware goes by the name of “The Bottle.”