THE OnyxC2 stealer, available for rent on a cybercrime network, starts at $250 per month and is notable for its stealth and extensive capabilities. Developers provide different pricing tiers, including options for premium features and even outright purchases of source code. This stealer has been analyzed by researchers from BlackFog, who found it to be highly effective at scraping sensitive information from over 210 applications, including password managers, cryptocurrency wallets, and more.
Its stealth characteristics help it evade detection, evidenced by clean uploads on multiple security engines. With capabilities like remote access, keylogging, and a built-in TOR tunnel, OnyxC2 represents a sophisticated threat that leverages commercial software principles to facilitate credential theft.