vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

40630

The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/

vx-underground

jamieantisocial noticed something interesting.

Look at the dramatic increase in malware campaigns from 2019 - 2023. What could this be? What happened during those years?

vx-underground

> wonder if anyone found anything interesting in Epstein files
> open x to look

vx-underground

Behold my magnum opus. Here is my malware analysis paper collection

Papers:
2006 - 2 papers
2007 - 6 papers
2008 - 4 papers
2009 - 15 papers
2010 - 46 papers
2011 - 60 papers
2012 - 127 papers
2013 - 140 papers
2014 - 170 papers
2015 - 355 papers
2016 - 480 papers
2017 - 793 papers
2018 - 801 papers
2019 - 1056 papers
2020 - 1989 papers
2021 - 2634 papers
2022 - 2607 papers
2023 - 1450 papers
2024 - 1153 papers
2025 - 800 papers

Don't you EVER ask "whAts A GooD pLaCe To LeaRn MaLwaRe aNalYsiS?". I've got 14,869 malware analysis papers curated and organized. Most of the papers have the samples with them too.

It's the muthafuckin' library of Alexandria for malware. This shit took half a decade.

vx-underground

I'm uploading them to vx-underground if you don't feel like dealing with the DoJ. It's on vx-underground under /tmp/ and named DataSet1,2,3,4

Crime scene evidence:

vx-underground

Who is this man and why does he speak in silly voices

vx-underground

Chat, we've got FREE MACOS malware. Big news for malware nerds

https://malwaresourcecode.com/home/my-projects/write-ups/free-macos-malware-for-everyone-hurry-up-before-google-patches-it

vx-underground

On Monday someone sent me a URL to a website trying to do click-fix targeting MacOS. I missed the message because the X DM system is a broken piece of shit.

The website is 100% malicious, but the final C2 part is dead. Staging payload still works.

I MISSED FREE MAC MALWARE

vx-underground

Would it be the dumbest thing I've done? Maybe

Would it be cool and badass? Yes

vx-underground

Yeah, these guys are not the brains behind the operation. I can't imagine someone technically savvy enough to develop ATM malware to then brag on social media about it

vx-underground

I've updated malwaresourcecode.com

I've demonstrated some unusual ways to achieve rand() (random integer) using RtlUniform, IOCTL Cng, IOCTL KsecDD, and CryptographicBufferStatics

Why? Because I like weird stuff

Love you

vx-underground

Firefox is adding AI to the web browser.

Yeah, I'm killing myself tonight.

https://www.phoronix.com/news/Mozilla-New-CEO-AI

vx-underground

I have a website for my malware source code. I have named it "malwaresourcecode", a very unique and inspiring name

malwaresourcecode.com

vx-underground

I'm actually laughing. One of the compromises is so dumb.

She and her colleagues were responsible for compromising A CAR WASH in the United States (Florida). They modified car wash systems and system placements

What kind of petty shit is this? This is like a small business owner who charges $6 a car wash. Imagine being the poor bastard who owns the business and being informed by the United States government that your small business was compromised by the Russian Federation because ???

vx-underground

Why are you down again, Cloudflare?

vx-underground

Tbf tho I was like, 16 at the time. I'm in my 30s now. If I had to enroll now I'd probably just walk in, sit down, poop my pants, and lock in. Idk

vx-underground

Hello,

The year is coming to a conclusion. Thank you everyone for another wonderful year.

Once the next round of giveaways finish I'll probably be AFK-ish. I am extremely fatigued from work and life. I'm not sure if it's possible, but I would like to be able to nap somewhere between 240 to 480 hours.

Thank you everyone for the fun times and sticking with me while I deal with vx-underground and a newborn baby. I wholeheartedly appreciate all the kind words and support all of you have shown me. Many of you are great, caring, and compassionate people.

I have some good news and some neutral news. The good news is that I have completed (within reason) collecting every easily discoverable malware analysis paper on the internet. Yes, of course one or two may be missing here or there, but I feel like 14,000 papers over the time span of 2 decades is pretty good.

The neutral news is that moving forward vx-underground will primarily be keeping up to date on things. This isn't necessarily good or bad, but this means updates to vx-underground will be significantly smaller and fewer.

Truthfully, I'm not sure what to do anymore. I started the website with the goal of collecting malware source code, samples, and papers. I've collected 34TB (if decompressed) over 6.5 years. I feel like it would be a betrayal to my audience to continually make silly posts all day, everyday.

I sort of worked myself out of a job, I don't know.

vx-underground

It's being synced to prod now for vx-underground:

https://vx-underground.org/Malware%20Analysis

vx-underground

What the fuck did you just fucking say about me, you little bitch?

vx-underground

Epstein files were released by the Department of Justice today.

So many people tried to view it at once the DoJ had to implement anti-DDoS measures.

The amount of data they've released is INSANE.

vx-underground

Wow, wrestling has changed A LOT since I was a kid

vx-underground

Here is your free MacOS malware, delivered using something akin to click fix and masquerading: mac-faster[.]com/app1/

The 'download' script does a CURL on ballfrank-dot-space

It delivers an obfuscated payload.

Deobfuscated: https://pastebin.com/PCz1cxMU

vx-underground

> make post about trying to contact Tren De Aragua
> get DMs
> "Uhhh hey, Smelly. TdA is very dangerous. I really don't think you should get involved with them

Bro, you think I'd actually try to contact them? They fucking murder people.

Also, I don't judge a book by its cover, okay? I don't wanna sound like a hater but these individuals do not look friendly and I have a feeling they won't like my cat pictures

vx-underground

Me wondering if I should try to contact Tren De Aragua, a violent, transnational prison-formed street gang which operates as a cartel, rival to the infamous MS13, who is involved in murder for hire, kidnapping, maiming, drug trafficking, prostitution, money laundering, bribery, and extortion.

... so I can send them cat pictures and ask for their ATM malware

vx-underground

United States Department of Justice, Nebraska, indicts over 50 people involved in transnational gang TdA for deploying malware onto ATMs for "ATM Jackpotting"

Wtf that's badass (except the murder, extortion, maiming, etc. just interested in the malware)

https://www.justice.gov/usao-ne/pr/tren-de-aragua-members-and-leaders-indicted-multi-million-dollar-atm-jackpotting-scheme

vx-underground

I JUST WANT A REGULAR COMPUTER. LEAVE ME ALONE.

vx-underground

Hi,

I've made updates to that website where I share my malware proof-of-concept and malware source code snippets. I have no idea what to call it yet other than malwaresourcecode-dot-com.

I've added updated definitions of the Process Environment Block and Thread Environment Block. My previous definitions were extremely outdated. New definitions are the work of m417z.

I've introduced new string hashing code segments. These are all well-known and famous string hashing algorithms. I've written them to be more Windows-specific. None make use of the CRT, in case you are writing PIC.

Moving forward, all code will have a basic usage example. The newly updated string hashing methods show basic usage.

For the curious: are all these string hashing methods necessary? No. Most will use Djb2, Rotr32+13, or LoseLose. However, if you want to write slightly more unique malware code, or you're just curious what they look like, they're there for you to poke with a stick. I had a lot of fun rewriting them and looking at them (math is for nerds)

https://malwaresourcecode.com/
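
As an added example (not code from malwaresourcecode.com or vx-underground): CRT-free C implementations of the three hashes named in the post above (Djb2, Rotr32+13, LoseLose), plus a lookup that matches a name against a precomputed hash, which is how position-independent code resolves an API without carrying its name as a string. The export-name array is a constructed stand-in for a real module's export table, and `printf` appears only in the demo `main()`, not in the hash routines themselves.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>   /* used only by the demo main(); the hash routines need no CRT */

/* Rotate a 32-bit value right by n bits (0 < n < 32). */
static inline uint32_t ror32(uint32_t x, unsigned n)
{
    return (x >> n) | (x << (32u - n));
}

/* Djb2: h = h*33 + c, seeded with 5381. */
uint32_t hash_djb2(const char *s)
{
    uint32_t h = 5381u;
    for (; *s; s++)
        h = (h << 5) + h + (uint8_t)*s;
    return h;
}

/* Rotr32+13: the classic shellcode API hash, h = ror(h, 13) + c, seeded with 0. */
uint32_t hash_ror13(const char *s)
{
    uint32_t h = 0;
    for (; *s; s++)
        h = ror32(h, 13) + (uint8_t)*s;
    return h;
}

/* LoseLose: a plain byte sum. Any permutation of the same bytes collides,
 * so it is kept here only for comparison with the other two. */
uint32_t hash_loselose(const char *s)
{
    uint32_t h = 0;
    for (; *s; s++)
        h += (uint8_t)*s;
    return h;
}

/* Returns the index of the first name whose ror13 hash equals target, or -1.
 * Stands in for walking a module's export name table from PIC. */
int find_by_ror13(const char *const *names, size_t count, uint32_t target)
{
    for (size_t i = 0; i < count; i++)
        if (hash_ror13(names[i]) == target)
            return (int)i;
    return -1;
}

int main(void)
{
    /* Constructed stand-in for an export name table (not a real module dump). */
    static const char *const exports[] = { "CloseHandle", "LoadLibraryA", "GetProcAddress" };
    const size_t n = sizeof exports / sizeof exports[0];

    /* In real PIC this constant is computed at build time and baked into the code. */
    uint32_t want = hash_ror13("LoadLibraryA");
    int idx = find_by_ror13(exports, n, want);

    printf("ror13(\"LoadLibraryA\") = 0x%08x -> export index %d\n", want, idx);
    printf("djb2(\"a\") = %u, loselose(\"ab\") = %u, loselose(\"ba\") = %u\n",
           hash_djb2("a"), hash_loselose("ab"), hash_loselose("ba"));
    return idx == 1 ? 0 : 1;
}
```

The lookup loop is the part that matters for detection work as well: a loader that compares every export name against a constant is exactly the pattern a hunter looks for when a sample has no import table, and the same three routines let you precompute candidate hashes for a name list and match them against constants pulled from a sample.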

vx-underground

Hello,

I have updated malware city. New malware has arrived. Please greet the malware. They're new in town.

https://vx-underground.org/Updates

vx-underground

The United States government has indicted a state-sponsored Threat Actor named Victoria Eduardovna Dubranova a/k/a Vika a/k/a Sovasonya

tl;dr she is facing 30 years to LIFE IN PRISON.

She is a citizen of Ukraine, however she acted on behalf of the Russian Federation. Her colleagues were members of the Russian Federation's military.

Initially I planned on doing a write-up on her indictment, discuss her charges, etc, but the United States Department of Justice has documented her being tied to 99 offensive cybersecurity campaigns.

NINETY-NINE. 99.

It's 38 pages detailing her crimes, and this isn't even the full court documents because some are still sealed. The list of charges goes back to 2022.

She kind of got fucked over though: her criminal complaint names her alongside a bunch of other people who (in some capacity) were associated with the Russian government. By all accounts, it appears Ms. Dubranova was primarily responsible for video editing, managing money, running social media profiles, and misinformation campaigns.

She's in big trouble though because her associates (who she aided and abetted) in one instance compromised an ICS/SCADA system for a children's water park in the Netherlands, tampered with water temperature, and intentionally modified the chlorination levels.

In another instance, her colleagues compromised an oil and gas company, modified system temperatures, and caused an unknown amount of damage to the company.

In yet another instance, her colleagues compromised (another) oil and gas company, depleted onsite chemical supplies, and increased injection rates into oil wells

In yet another (another) instance, her colleagues compromised a public water system in the United States (Indiana), activated all pumps, and tampered with public water supply.

In yet (yet) another (another) instance, her colleagues compromised (another) public water system in the United States (Texas), shut down pump set points, which resulted in the loss of 200,000 gallons of water for people in the State of Texas

In yet another (another one), her colleagues compromised an ICS/SCADA system in the United States (Pennsylvania), which resulted in damage to a water treatment system, tampering with water pumps and levels of parasitic acid contamination

SHE'S TIED TO 99 OF THESE DAWG. SHE'S IN SO MUCH TROUBLE. SHE'S COOKED. IT'S GAME OVER.

vx-underground

Hello,

I'm a little behind schedule, but I've pushed a pretty big update to vx-underground. Please look at it and download the malware (or don't, whatever)

https://vx-underground.org/Updates

vx-underground

Tbh bro girls who go into computer stuff are way fuckin braver than me

A long time ago I was considering going into healthcare. I enrolled in this nursing class thingie.

I went into the enrollment place and it was literally all women and 1 super buff Chad looking dude.

I walked into the room. I glanced in. The women turned and looked at me, this weird stinky nerd, and I got so nervous I turned around and left

P much pooped my pants. Idk why I got so scared. But it was scary.