vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

14367

The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh


vx-underground

Thank you, Vietnamese government representative, for the lovely e-mail.


vx-underground

vx-underground staff members enjoying a nice evening cruise in California

*this is actual footage we captured
*fire is illegal and for nerds


vx-underground

Someone didn't reply to our backend hosting provider which resulted in them terminating our account.

Whoever did this should be slapped around with a large trout (it's my fault)

We have all the data still, no biggie, but data will be inaccessible for a few days while we move.


vx-underground

A timeline of the Los Angeles wildfire emergency broadcast system problems

- January 9th, 2024, approx. 4:11 PST, people in the entirety of Los Angeles county receive an emergency broadcast alert to their cellphones telling them to gather their loved ones, pets, and supplies. It results in widespread misinformation on social media and pandemonium (Image 1). Shortly after the text message, people receive a subsequent message saying it's a false alarm and a mistake.

- January 10th, 2024, approx. 4:02am PST, people in certain regions of Los Angeles receive an emergency broadcast alert to their cellphones similar to the message received yesterday (Image 2). The message states it is for the entirety of Los Angeles county, but (based on information received thus far) no additional emergency broadcast alerts were intended to be delivered.

- January 10th 6am PST - current time, Los Angeles citizens, and people throughout the United States, express concern on social media. People report confusion, misinformation, and mismanagement by California officials for the frequent and inaccurate emergency broadcast messages. Some people report receiving several text messages regarding the fires while 3rd party apps, when checked, show there are currently no threats in their area.

Los Angeles officials go on television and social media stating they are not sending out messages. They state they're working with industry partners to identify the cause of the problem (Image 3 and Image 4)

There is currently no information to confirm or deny this is the result of a state-sponsored Threat Actor, a bad actor intended to cause damage, a financially motivated Threat Actor, an Insider Threat, or wild mismanagement and/or equipment failure. Details are scarce.


vx-underground

40 minutes ago Los Angeles county officials stated on television they're working with partners to stop the false and/or incorrect evacuation warnings people are receiving WHICH ARE NOT happening from human interaction (???)

They're currently investigating how this is happening


vx-underground

THEY DID IT A THIRD TIME.

We didn't think it was possible to do an oopsie doopsie 3 times! This is absolute madness. Someone get California on the horn and tell them to wake up

Holy smokes


vx-underground

It's the ultra rare, limited edition, double mega oopsie doopsie.

Last night at 4am PST California officials accidentally sent out an evacuation warning to the entire Los Angeles area ... AGAIN. They've made the same mistake two times in a 12 hour time stretch!


vx-underground

tl;dr some dude pretending to be a staff member was trying to pick up a chick. we don't go outside, we don't meet people, we're scared of grass and sunlight


vx-underground

I had hoped he'd get bored after the like, 6 hour marker, I had lots of people complaining. I just messaged him directly and he said he'd stop.

¯\_(ツ)_/¯


vx-underground

Tomorrow evening at 9PM EST we will be holding the vx-underground talk show on Twitter.

Our guest speaker will be the CEO of TorGuard. Tor(rent)Guard is a large VPN and VPS provider with infrastructure across the globe. They're competitors with organizations such as Mullvad, ProtonVPN, NordVPN, and HideMe.

During our talk we will discuss VPN technologies, how their large and multinational infrastructure works and is managed, common myths and misinformation on VPNs and VPSs, how ISPs work fundamentally and how they can monitor what you're doing and can inject into your traffic, and more. And, because it's us, malware techniques and technologies which can be used or abused by VPNs

As always, we will allow people to join the conversation, ask questions verbally and in-real-time, comment, make suggestions, or just say Hi.

We will also be doing a surprise giveaway. To celebrate our "first" attempt at this dumb talk show thing we're doing, TorGuard has agreed to hook up listeners, or talkers, during the segment with VPN accounts. He'll give 5 away for free because ???.

Anyway, see you tomorrow night.


vx-underground

tl;dr millions of people scared, worried about loss of life, widespread fear, thin on resources. Then they decide to sprinkle some mass confusion and mass hysteria on top.

+2 internet kitty cats to California officials for biggest oopsie doopsie (so far)


vx-underground

Hello,

When we announced we're facing potential termination from our hosting provider we received dozens of messages and overwhelming support. Thank you.

We are happy to announce we're getting our own dedicated infrastructure soon thanks to our friends over at TorGuard.

To make a long story short, thanks to them we're getting bigboi equipment and bigboi machines. Our bandwidth and resource capabilities will be exponentially better than before. Lots of exciting news coming.

tl;dr faster speeds, more malware source code, more malware samples, and more malware papers

tl;dr tl;dr we gettin big


vx-underground

2025 is not cool and is not badass.

Staff member b0t is evacuating from his home in California due to wildfires. On the other side of the United States, staff member Bradley is facing tragedy. His Father has lung cancer, emphysema, and was diagnosed with acute pneumonia.


vx-underground

You can read the paper here:

https://rhinosecuritylabs.com/aws/s3-ransomware-part-1-attack-vector/


vx-underground

Today Mark Zuckerberg announced the introduction of some fairly large changes to Facebook, Instagram, and Threads.

First and foremost, Mr. Zuckerberg is dressing strange and it is confusing.

Secondly, and most importantly: Mr. Zuckerberg said Meta (Facebook, Instagram, and Threads) will now make free speech a priority. They're "dialing back" content moderation systems for a majority of posts and media. They'll be removing "fact checkers" from their platform. Moving forward the websites owned under Meta will have Community Notes — acting the same as X currently does. Mr. Zuckerberg also expressed concern with bias (internally or externally) and announced employees will be relocating to Texas. Mr. Zuckerberg states he believes Texas to be non-biased and more open to free speech.

We believe this poses a significant problem because X in and of itself runs rampant with misinformation and/or disinformation campaigns from not only conspiracy theorists, but state-sponsored Threat Actors. We cannot comment on the validity and/or bias of the fact-checking system under the Meta brand (we don't use any of their social media platforms), but we believe relying on community notes and user feedback reports can be difficult to work with and are often insufficient.

Or maybe it doesn't matter and we should let people do whatever they want and let them think critically for themselves


vx-underground

This image is a perfect analogy for most enterprise compromises — a "sophisticated attacker" was NOT a state-sponsored Threat Actor. It was just a fat cat.


vx-underground

tfw you have to notify everyone in your project you forgot to reply to an email and now everything is temporarily gone and all work is paused for like, 5 days


vx-underground

The Sims allows your character to learn how to program by writing malware


vx-underground

We don't want to get all crazy-whacko-conspiracy-theory, but this sure would be a great time for an adversary of the United States to cause chaos and/or spread misinformation.


vx-underground

What's interesting though is this time it wasn't sent to the entire LA County. It was sent to the wrong areas in Los Angeles, with the wrong message

tldr people in Long Beach received notifications for people near Eaton Fire which said it was for entirety of LA

???


vx-underground

We've never seen such a colossal oopsie 2 times in a row in a 12 hour stretch. They're probably scaring these people to death — getting notified at 4am they need to pack their stuff and go 😭


vx-underground

What the hell is someone going to say to pick up chicks while impersonating someone from our group?

"hai bb, you wanna hookup with a chronically online, morally ambiguous, mid-30s man with a benzodiazepine dependency and who is also (probably) on multi watchlists?"


vx-underground

A young person encountered a vx-underground imposter on Discord who was trying to convince them to meet-up in person. They contacted us to confirm whether or not this was true.

This is a reminder vx-underground will never try to meet you in person. We don't go outside.


vx-underground

Thank you, SabaKira of l7srv-dot-ru, for using your botnet to conduct a 102TB DDoS attack which lasted several hours.

It was very cool it got past our Cloudflare Enterprise and agitated thousands of our daily visitors.


vx-underground

tl;dr tl;dr 3,821,000 people just received this text message by accident


vx-underground

Large oopsie-doopsie in Los Angeles today

In the midst of arguably the most dangerous wildfires in California history, Californian officials accidentally issued an evacuation order to the entire Los Angeles population which has resulted in (reportedly) pandemonium


vx-underground

Cybersecurity classes crazy nowadays. We never learned this stuff


vx-underground

2025 is not cool and it is not badass.

We're currently having a dispute with our hosting provider. We have 23TB of storage, 75TB egress, and 30TB cached from Cloudflare.

They do not like us consuming so much stuff


vx-underground

We're witnessing the evolution of ransomware.

Yesterday someone informed us of the existence of the new TTP of AWS S3 extortion. More specifically, Threat Actors abusing the Amazon Key Management Service (KMS) to encrypt company AWS buckets (or any cloud provider).

We have never heard of this until yesterday.

RhinoSecurity wrote a paper on AWS S3 extortion, the methodology in which it's deployed, and wrote a simple AWS CLI script to accomplish the task.

It's 25 lines of Python code.


vx-underground

Hello,

1. Kitty cat archive is scheduled to go live soon-ish. Several million kitty cats are good to go

2. We have 241 malware reverse engineering papers in queue to be pushed to vx-underground prod.
