We have appeared in another YouTube documentary. It is always a wonderful feeling knowing we are becoming part of history and making an impact.
Sometimes though it is our silliest quotes that make it into documentaries.
The unknown person who claims to have compromised zserver dot ru, the bulletproof webhosting provider, has begun sending emails to zserver dot ru clients.
Interestingly, the person who claimed to have compromised zserver dot ru did not tell us this.
One of their customers did.
A ransomware group was compromised.
It contains some interesting information — it's their tooling, some minor chat information, infrastructure credentials, internal notes, etc.
It's going to make some people VERY angry.
tl;dr mini Conti leaks
Exploit development, or dealing with exploits in general, is like purchasing some fresh food from a farmers market. It is new, clean, and pretty.
Malware development is like finding a 20-year-old can of peas in your basement. It's old as hell, looks gross, but it's still okay.
Despite saying it was a joke, Linux nerds continue to comment on our post. Here are a few snippets.
A majority of people in the screenshot do not follow us on Xitter.
Our favorite is the university professor saying we should be community noted. We hope they're joking.
After our stupid Linux joke, we woke up to hundreds of angry Linux nerds screaming at the top of their lungs.
The Linux nerds got so mad they even tried to community note us on Twitter.
This is a joke — it was supposed to be obvious from the high person react face.
The joke is poking fun at how, although Linux is described as the superior OS, it can sometimes be more complex for even basic tasks. This is depicted in this exaggerated Linux terminal command.
Also, at the 3:32 marker, they arrest someone's grandpa. Dude looks like he's 70 and running a giant ass cryptolaundering operation 😭😭
Full footage of Cryptex and UAPS raids today from the Russian Federation's Bureau of State Technical Surveillance & Russian Ministry of Internal Affairs.
Footage via BratvaCorp and Irina Volk
Our engagement numbers have dropped a staggering 27% this month. The primary difference has been a shift away from discussing cybercrime (primarily due to fatigue).
You're all degenerates and thoroughly enjoy internet cybercrime TMZ.
God bless them, we're happy you got a job. But don't forget your roots (poor, depressed, addicted to amphetamines and pushing good work).
In honor of Cybersecurity Awareness Month we are issuing a challenge!
All of you (yes, even you) have to get 1 malware.
1 malware = 1 awareness
Good luck!!!!!1
A 0day exploit is going to be dropped soon. We ourselves aren't entirely clear on the details yet, but we know it is going to impact gamers.
It won't impact business operations, unless your end users are unironically playing video games at work.
Hello,
It has come to our attention more people have received the recent ransomware leak.
Our advice is to tread carefully. Our primary delaying factor is the presence of victim PII — most notably data from public schools who may or may not have paid the extortionists.
In other words, we aren't making it public until we feel comfortable sharing data we believe people can get value from and learn from, without putting past victims in danger again.
tl;dr not going to distribute hacked schools information and data
y'know those articles on the process environment block, walking the NTDLL export-address-table? That's from 29a zine 2... in 1997. It's a 27-year-old technique that everyone is still using and yappin' about.
It's been almost 24 hours and the internet fist fight between Linux nerds and non-Linux continues.
The Linux nerds have begun implementing guerilla warfare — it has become a battle of the Xitter Community Note.
Rory Stephen Guidry a/k/a KMS has passed away. He was 37.
Rory was an active person on Darkode. He was sentenced to 1 year in prison in 2016 for cybercrime-related charges.
March 24, 1987 - October 01, 2024
Also, also, yes — if there are too many .zip files in a directory (in this specific instance, for downloading malware), rm will indeed say there are too many arguments.
The solution is shrimple: find . -name "*.zip" -type f -delete
Thanks for visiting the Ted Talk
LiNuX iS tHe sUpErIoR Os
Delete all zip files in a directory on Windows:
del *.zip
Delete all zip files in a directory on Linux:
find "$(pwd | awk '{ print $1 }')" -type f -name "*.zip" -exec sh -c 'for file; do if [ -w "$file" ]; then rm -f "$file"; fi; done' sh {} +
BREAKING: Gen Threat Labs finds Rootkit targeting Arch Linux.
This puts at least 50 people worldwide in danger.
Highlight of the video is the cute doggie at the beginning doing a little dance as his owner is being arrested by the FSB 🥺
He seems excited to have so many people over, doggo thinks it's a party
For the past week or so an unknown person has been sending us some interesting photos.
This person claims to be frustrated with bulletproof hosting provider 'zservers dot ru'. Their frustration resulted in them doing a 'pentest' and successfully compromising the bulletproof host provider.
It should be noted this is not the first time we've shared information on zserver being compromised. A few months ago we disclosed an unknown person had been claiming to compromise the bulletproof hosting provider. In summary: they STILL have access. It's been months.
Throughout our conversation they have sent us dozens of screenshots from this bulletproof host. They've unveiled the owner's real name (with passport information and photographs). They've also shown e-mail correspondence between the owner and customers who have questions about the service and pricing.
They also successfully enumerated every customer of the bulletproof hosting provider — the names of the customers (probably fake), the email address used to register with the service, the billing information, and the services they're paying for.
This unknown person(s) managed to pivot further and get access to administrative resources, discovering this bulletproof hosting provider has a directory named 'passwords (all)' which is filled with hundreds, possibly thousands, of credentials to various things.
If it makes you feel any better, they do indeed read abuse complaints they receive. But, they don't take action on it. At least it's read, right?
Today the Russian Federation's Bureau of State Technical Surveillance in collaboration with the Russian Ministry of Internal Affairs executed 148 search warrants and 96 arrests. All actions are related to the recently sanctioned Cryptex and UAPS.
Info & footage via BratvaCorp
The cycle of the malware researcher:
> randomly appears on social media
> showcases their research
> publishes a few high quality articles
> gets offered job
> disappears
> no more public research
We've seen this probably 50 times now, no exaggeration.
TIL: CSA is also a no-no acronym. New solution: dissolve Cybersecurity Awareness Month altogether