Administrative update:
tl;dr Bradley is out, I'm back. Reorganizing papers. We're collecting cats. No more goofing around.
0. Bradley is out-of-office. He was supposed to man the ship. He has experienced a family medical emergency. I am now steering the ship again.
1. Currently the Windows malware paper collection is not organized. We have been dumping them into a giant pool. We have received feedback from users regarding their dissatisfaction with this decision. Hence, we are re-organizing the Windows malware paper collection and introducing new sections to make navigation easier.
New sections:
- AMSI
- Evasion
- GPU Abuse
- Hooking
- Infection
- Initial Access
- Internals and Analysis
- Kernel Mode
- Keylogging
- LSASS
- Networking
- Persistence
- Process Injection
- Shellcode Execution
- Syscalls
- System Components and Abuse
- Windows COM
2. We have begun processing our massive backlog of malware samples. Our current backlog dates back to November 29th. The current ingestion estimate is 600,000 new malware samples.
3. As many of you have seen — we have made a pseudo-pseudo-fork of vx-underground. We now have an entire 'side project' dedicated to collecting images of cats. We have received and reviewed your feedback — all images received will be pHashed (perpetually hashed?) to ensure no duplicate photos of cats exist. We have purchased a domain for the side project, and we are actively developing something to display and distribute photos of cats. The current cat-related Twitter profiles do not suffice. They fail to categorize them in a structured database and do not actively distribute the cat image data to their userbase. It is disgusting and we hate it.
This is only partially a joke. But, we're wondering if we can use our nerd-mindset to defeat large cat-centric social media profiles.
4. Besides the stupid idea of collecting cat photos, we are returning to business as usual. All giveaways are done, poop posting will be minimal(ish)(depends on mood), and our focus will be shifted back to malware-related material aggregation and being cybercrime TMZ.
Thanks,
- smelly smellington
The targeted advanced attack they mention was phishing (someone somewhere said it). It wasn't like when APT29 hopped laterally across buildings via WiFi using a 0day exploit
Black Mass Volume III is coming soon. We aim to continue our malware book dominance on Amazon
This sweater is super cool.
If we were younger, more attractive, had a sense of fashion, and capable of dressing ourselves — we'd purchase this.
AI artwork was really cool and impressive for about 3 weeks. Then it was immediately abused by low-lifes and cheap bastards to cut corners and make money.
Now AI artwork looks like a big stinky pile of shit drizzled in corporate greed
> write 20 page paper on opaque malware technique
> 5,000 lines of C++
> *crickets*
> write 1 paragraph explaining basic malware concept
> -5,000 lines of C++
> ZOOOMFGGGGG!!!1111 whOAOAOAOAOA
Today 404mediaco released an article on Anthaney O’Connor. Mr. O’Connor reported someone to law enforcement for possessing CSAM.
However, while law enforcement was conducting their investigation, they discovered Mr. O’Connor also possessed CSAM. Additionally, he was actively developing a virtual reality video game to perform sexual acts with children. The video game had both real and AI generated pornographic images of children in it. Mr. O’Connor intended to sell and distribute this video game for $200.
More information: https://www.404media.co/tipster-arrested-after-feds-find-ai-child-exploit-images-and-plans-to-make-vr-csam-2/
Xitter doesn't pay 'content creators' well. Next time you accuse someone of baiting for engagement (or monetary reward) — look at this chart we've attached.
During our Christmas gifting session Xitter paid us $162.25. This gifting spree had an engagement rate exceeding 6%, over 5,000,000 views in total, our profile stats jumped 400%.
Our largest paycheck ever was from memeing CrowdStrike during their level 9000 shitstorm driver implosion. It was $367.39.
You would need x10 our following and/or engagement to make $3,000/month. In other words, you'd need roughly 3,000,000 followers with an engagement rate of 5% — 150,000 likes and/or comments PER POST with a majority being subscribed to Xitter Blue.
This is relevant to us because one of the bunnies is actually a malware researcher
vx-underground Black Mass Research Group presents: Minegrief.
tl;dr a computer worm that targets minecraft
https://github.com/blackmassgroup/minegrief
> write malware proof of concept for Black Mass III
> work on project for a few weeks
> Last Modified: September 18th, 2024
Ransomware payloads often skip over executable files to save on time and performance.
Replace every file extension on your computer with .exe, .dll, or .sys to prevent ransomware attacks.
"They'll never catch me if I'm in Israel, with this funny hat and fake moustache" — Rostislav Panev, developer and core member of Lockbit ransomware group
Per BleepingComputer, a ransomware affiliate from the Netwalker ransomware group has been sentenced. He has received 20 years in prison.
It appears the de facto standard in the United States judicial system for ransomware operators (based on arrests of REvil affiliates, Netwalker affiliates, etc.) is roughly 20 years in prison. Previous arrests have also shown assets seized (cryptocurrency) and restitution.
Although the restitution part would be difficult, because prison pay in the United States (varying) is approx. $1.41/hour (some as low as $0.03/hr) and some ransomware affiliates owe millions in restitution to victims. This means, ideally, a highly paid prisoner would have to work 709,000 hours (29,550 days, 80 years) to pay victims back if they owed $1,000,000 in restitution.
tl;dr if caught doing ransomware, the United States government will take your money, ban you from electronics, sentence you to 20 years in prison, and make you pay back millions at a rate of $1/hr
tl;dr tl;dr if caught doing ransomware, your life is ruined forever (or about 30% of your adult life, depending on how long you live, or unless you "unalive" yourself in prison)
dude steals a South Korean government Xitter profile and tweets "north korea is best korea". that's diabolical stuff
Cyberhaven, a thing we've never heard about before until about 2 minutes ago, that does something with cybersecurity and lists its biggest customers on its website, was compromised. It resulted in a web-browser-based supply chain attack.
Sometime in 2020 a guy named "Shikata" recommended we make the vx-underground slogan be: "spread the infection."
It was such a god awful, abomination of a slogan, I never forgot about it. It's been almost 5 years.
- smelly
It wouldn't be a Christmas unless a company did something horrifically stupid.
This year concludes with Activision. Activision decided to release some promotional artwork which was created using Artificial Intelligence.
tl;dr massive game studio doesn't use their artists
Alternatively, as we've been told, a good way to ensure a Xitter paycheck, while having a low follower count and/or engagement rate — is to be a conventionally attractive Asian woman and have Elon Musk follow you on Xitter.
Every single one of you is invited to our Christmas feast.
We only have 1 turkey.
It'll be difficult to split it between all 380,000 of you. We also don't have enough cups, plates, or silverware.
We also don't know where you're all going to sit... But you're invited!
This Christmas Eve we're relaxing at HQ, enjoying the Christmas classics, and drinking hot chocolate (and also cat).
A true blessing.
Song: Rudolph the Red-Nosed Reindeer
Today a bunch of YouTubers began discussing a browser plugin called "Honey". Their discussions revolve around the investigative research of a YouTuber named MegaLag.
Commentators are referring to it as a scam. Scam in this context isn't quite accurate enough because it is deceptive to advertisers, web stores, AND consumers, but also the browser plugin itself functions fundamentally similar to malware payloads.
tl;dr plugin extension modifies cookies on page checkout to steal commission from other people. The idea in itself is so novel, we want to introduce the entire "Honey" company into Black Mass Volume III
https://www.youtube.com/watch?v=vc4yL3YTwWk
Incomplete project that will be thrown into the trash: https://pastebin.com/raw/3VYrcNYt
The developer of Lockbit ransomware (and a core member) sure lived a beautiful and cozy life. He seems so happy and relaxed knowing the people using his weapon were ransoming children's hospitals and critical infrastructure.
The United States government will be very nice to him when he's extradited from Israel (they won't be nice at all, they're going to make his life an inescapable hell).
(one of the developers of lockbit ransomware group was arrested in israel)
https://www.justice.gov/opa/pr/united-states-charges-dual-russian-and-israeli-national-developer-lockbit-ransomware-group
Conversely, we've seen information stealer malware authors receive 5 years in prison.
1. Judges fucking HATE ransomware, they will throw the book at you (slang, meaning be as harsh as possible)
2. It appears it also depends on how much you're willing to snitch and/or beg
> take nap
> wake up
> go poop
> get out of bed
> check emails
> get ICANN requests from Giorgia Meloni, 1800s Russian essayist Fyodor Dostoevsky, and 16th President of the United States Abraham Lincoln