Security researchers identified a new malware known as PonyForx, Fox Stealer or just Fox; that is being sold on underground hacker forums.
PonyForx Is the Newest Malware Threat
The PonyForx malware is being developed by a malicious programmer known as Cronbot. He/She is selling the malware on Russian underground hacking forums, from the available information, it appears that it the code is built on the information stealing threat known as Pony.
The malware is currently in its initial stages of development; the latest version is only 1.0, and its first appearance has been spotted on August 11. PonyForx said that the malware can target and extract information and login credentials from victim users.
Pony is a well-known tool used by criminals to steal information such as passwords and user data from victims, including browsers, email clients, and even BitCoin wallets. The malware is written in the C++ language without any additional libraries.
According to Cronbot PonyForx is an updated version of Pony with support for the most popular applications used by consumers this year. The tool is being distributed for rent as a DLL or EXE file for the sum of 250 US dollars per month. The code is sold for the price of 2000 dollars.
Security researchers have stated that the malware has already been used in live attacks. An attack campaign in September using the Neutrino kit has delivered the Godzilla malware loaders to the victims. This loader downloads the PonyForx and then the Locky ransomware.