14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Cyberhaven, a thing we've never heard about before until about 2 minutes ago, that does something with cybersecurity and lists it's biggest customers on it's website, was compromised. It resulted in a web-browser-based supply chain attack.
Читать полностью…
Sometime in 2020 a guy named "Shikata" recommended we make the vx-underground slogan be: "spread the infection."
It was such a god awful, abomination of a slogan, I never forgot about it. It's been almost 5 years.
- smelly
It wouldn't be a Christmas unless a company did something horrifically stupid.
This year concludes with Activision. Activision decided to release some promotional artwork which was created using Artificial Intelligence.
tl;dr massive game studio doesn't use their artists
Alternatively, as we've been told, a good way to ensure a Xitter paycheck, while having a low follower count and/or engagement rate — is to be a conventionally attractive Asian woman and have Elon Musk follow you on Xitter.
Читать полностью…
Every single one of you is invited to our Christmas feast.
We only have 1 turkey.
It'll be difficult to split it between all 380,000 of you. We also don't have enough cups, plates, or silverware.
We also don't know where you're all going to sit... But you're invited!
This Christmas Eve we're relaxing at HQ, enjoying the Christmas classics, and drinking hot chocolate (and also cat).
A true blessing.
Song: Rudolph the Red-Nosed Reindeer
Today a bunch of YouTubers began discussing a Browser plugin called "Honey". Their discussions revolves around the investigative research of a YouTuber named MegaLag.
Commentators are referring to it as a scam. Scam in this context isn't quite accurate enough because it is deceptive to advertisers, web stores, AND consumers, but also the browser plugin itself functions fundamentally similar to malware payloads.
tl;dr plugin extension modifies cookies on page checkout to steal commission from other people. The idea in itself is so novel, we want to introduce the entire "Honey" company into Black Mass Volume III
https://www.youtube.com/watch?v=vc4yL3YTwWk
Incomplete project that will be thrown into the trash: https://pastebin.com/raw/3VYrcNYt
Читать полностью…
The developer of Lockbit ransomware (and a core member) sure lived a beautiful and cozy life. He seems so happy and relaxed knowing the people using his weapon were ransoming childrens hospitals and critical infrastructure.
The United States government will be very nice to him when he's extradited from Israel (they won't be nice at all, they're going to make his life an inescapable hell).
(one of the developers of lockbit ransomware group was arrested in israel)
https://www.justice.gov/opa/pr/united-states-charges-dual-russian-and-israeli-national-developer-lockbit-ransomware-group
Conversely, we've seen information stealer malware authors receive 5 years in prison.
1. Judges fucking HATE ransomware, they will throw the book at you (slang, meaning be as harsh as possible)
2. It appears it also depends on how much you're willing to snitch and/or beg
> take nap
> wake up
> go poop
> get out of bed
> check emails
> get ICANN requests from Giorgia Meloni, 1800's Russian essayist Fyodor Dostoevsky, and 16th President of the United States Abraham Lincoln
Black Mass Volume III is coming soon. We aim to continue our malware book dominance on Amazon
Читать полностью…
This sweater is super cool.
If we were younger, more attractive, had a sense of fashion, and capable of dressing ourselves — we'd purchase this.
AI artwork was really cool and impressive for about 3 weeks. Then it was immediately abused by low-lifes and cheap bastards to cut corners and make money.
Now AI artwork looks like a big stinky pile of shit drizzled in corporate greed
> write 20 page paper on opaque malware technique
> 5,000 lines of C++
> *crickets*
> write 1 paragraph explaining basic malware concept
> -5,000 lines of C++
> ZOOOMFGGGGG!!!1111 whOAOAOAOAOA
Today 404mediaco released an article on Anthaney O’Connor. Mr. O’Connor reported someone to law enforcement for possessing CSAM.
However, while law enforcement was conducting their investigation, they discovered Mr. O’Connor also possessed CSAM. Additionally, he was actively developing a virtual reality video game to perform sexual acts with children. The video game had both real and AI generated pornographic images of children in it. Mr. O’Connor intended to sell and distribute this video game for $200.
More information: https://www.404media.co/tipster-arrested-after-feds-find-ai-child-exploit-images-and-plans-to-make-vr-csam-2/
Xitter doesn't pay 'content creators' well. Next time you accuse someone of baiting for engagement (or monetary reward) — look at this chart we've attached.
During our Christmas gifting session Xitter paid us $162.25. This gifting spree had an engagement rate exceeding 6%, over 5,000,000 views in total, our profile stats jumped 400%.
Our largest paycheck ever was from memeing Crowdstike during their level 9000 shitstorm driver implosion. It was $367.39.
You would need x10 our following and/or engagement to make $3,000/month. In other words, you'd need roughly 3,000,000 followers with an engagement rate of 5% — 150,000 likes and/or comments PER POST with a majority being subscribed to Xitter Blue.
This is relevant to us because one of the bunnies is actually a malware researcher
Читать полностью…
vx-underground Black Mass Research Group presents: Minegrief.
tl;dr a computer worm that targets minecraft
https://github.com/blackmassgroup/minegrief
> write malware proof of concept for Black Mass III
> work on project for a few weeks
> Last Modified: September 18th, 2024
Ransomware payloads often skip over executable files to save on time and performance.
Replace every file extension on your computer with .exe, .dll, or .sys to prevent ransomware attacks.
"They'll never catch me if I'm in Israel, with this funny hat and fake moustache" — Rostislav Panev, developer and core member of Lockbit ransomware group
Читать полностью…
Per BleepinComputer, a ransomware affiliate from Netwalker ransomware group has been sentenced. He has received 20 years in prison.
It appears the defacto standard in the United States judicial system for ransomware operators (based on arrests of REvil affiliates, Netwalker affiliates, etc) is roughly 20 years in prison. Previous arrests also have shown assets seized (cryptocurrency), and restitution.
Although, the restitution part would be difficult because prison pay in the United States (varying) is approx. $1.41/hour (some as low as $0.03/hr) and some ransomware affiliates owe millions in restitution to victims. This means, ideally, a high paid prisoner would have to work 709,000 hours (29,550 days, 80 years) to pay victims back if they owed $1,000,000 in restitution.
tl;dr if caught doing ransomware, the United States government will take your money, ban you from electronics, sentence you to 20 years in prison, and may you pay back millions at a rate of $1/hr
tl;dr tl;dr if caught doing ransomware, your life is ruined forever (or about 30% of your adult life, depending on how long you live, or unless you "unalive" yourself in prison)
The bidding war is real — we're big cash money, gang
Читать полностью…
🚨BREAKING 🚨
Lockbit ransomware group has confirmed our suspicions. Hacking is illegal and for nerds!!
https://lockbit4.com