vx-underground

21 Nov 2024 21:22

Broke the news so fast they didn't have time to activate Windows

vx-underground

21 Nov 2024 16:03

we're cooked (we're under the rest)

vx-underground

21 Nov 2024 01:14

This is such an oddly specific joke, it's not even funny but it had to be shared

vx-underground

20 Nov 2024 23:11

Another funny story: I got malware (again) from trying to download "hacks" for Halo 2. I couldn't find the malware (again) so I randomly uninstalled software from the Control Panel. I uninstalled the audio drivers and network drivers. This didn't fix it.

- smelly

vx-underground

20 Nov 2024 20:13

Today the United States Department of Justice unsealed criminal charges brought against 5 people.

- Ahmed Hossam Eldin Elbadawy, 23, a/k/a "AD", of College Station, Texas
- Noah Michael Urban, 20, a/k/a "Sosa" and "Elijah", of Palm Coast, Florida
- Evans Onyeaka Osiebo, 20, of Dallas, Texas
- Joel Martin Evans, 25, a/k/a "joeleoli", of Jacksonville, North Carolina
- Tyler Robert Buchanan, 22, of the United Kingdom

The individuals are accused of performing phishing and/or social engineering attacks which resulted in the theft of millions of dollars.

More information: https://www.justice.gov/usao-cdca/pr/5-defendants-charged-federally-running-scheme-targeted-victim-companies-phishing-text

vx-underground

19 Nov 2024 22:38

🚨 BREAKING 🚨

MICROSOFT HAS JUST DISCOVERED VDI'S AND THIN CLIENTS. THIS IS NOT A DRILL!!!!

vx-underground

19 Nov 2024 20:14

Yeah, we rip on Microsoft a lot. But for each feature they add, they're just expanding the Threat Landscape in corporate environments (and potentially homeusers).

Should we be more optimistic? Maybe.

Are we optimistic? Hell nah

vx-underground

19 Nov 2024 07:08

The United States Department of Justice is pushing Google to sell Google Chrome to break their search monopoly (not official yet, but Google is probably big mad).

More information:
https://www.bloomberg.com/news/articles/2024-11-18/doj-will-push-google-to-sell-off-chrome-to-break-search-monopoly

vx-underground

18 Nov 2024 22:45

> read about windows 11 share button thingy
> can this be abused? tl;dr yes, duh
> research
> shobjidl_core!IDataTransferManagerInterop
> research
> Raymond Chen wrote about this in 2017
> first added to windows shell as dumb button
> bonus chatter is indeed accurate

vx-underground

18 Nov 2024 19:11

Windows 11 will be adding the Share button to the Start Menu and Taskbar. This is excellent news for people who are unfamiliar with CTRL-C + CTRL-V. Additionally, this introduces another method for data exfiltration

Very cool

https://www.bleepingcomputer.com/news/microsoft/windows-11-is-adding-a-share-button-to-the-start-menu-and-taskbar/

vx-underground

18 Nov 2024 01:35

We once considering partnering with some YouTuber to do some funny videos or something, just meme-ing stuff, make it entertaining. Then we realized that's too much work and we'd rather just keep falling into nothingness (reading msdn)

vx-underground

18 Nov 2024 00:44

We initially thought this was a meme and/or fake post to mock StackOverflow.

We checked the statistics (which now require 25,000+ reputation), and this is indeed accurate. StackOverflow is bleeding to death.

vx-underground

17 Nov 2024 19:32

Thank you, Nick, for sending us cat memes everyday since October 11th. Your commitment to kitty cat memes is impressive.

vx-underground

17 Nov 2024 19:23

This person sent us a Dad-tier joke then waited 5 months for a follow up 😂😂😂

vx-underground

16 Nov 2024 23:39

“While it’s unlikely we could get rid of CISA, we survived for what, 248 years without them” — Rand Paul said, believing the internet has existed for 248 years

vx-underground

21 Nov 2024 21:03

Removed post about Google having to sell Chrome. It was slightly misleading.

tl;dr will be confirmed or denied Summer 2025 by the courts.

vx-underground

21 Nov 2024 15:09

unrelated to malware, but need to kitty post (dont feel like pushing to prod)

vx-underground

21 Nov 2024 01:12

regular programmers: int x = 0;
malware programmers: DWORD dwIncrementalExportAddressTableEnumerationIndexer = 0;

vx-underground

20 Nov 2024 23:07

When I was a teenager, I infected my personal computer trying to download "mods" for Windows XP. I couldn't find the malware (I only checked My Documents), so I thought the malware was in my modem. I convinced my parents to buy a new modem. It didn't fix it.

- smelly

vx-underground

20 Nov 2024 19:58

APT28 and APT29 listenin' to Eminem - "Without Me" as we speak

vx-underground

19 Nov 2024 20:20

Microsoft CEO Satya Nadella greeting the Red Teamers after Microsoft Ignite 2024 (they can now clone target voices)

vx-underground

19 Nov 2024 20:12

Satya Nadella is literally the VIP for Threat Actors and Red Teamers.

Thanks to new Microsoft Teams technologies, you can now clone your voice ... so you can speak to others in a different language!

Ever be North Korean but want to sound American? It's now possible!

https://techcrunch.com/2024/11/19/soon-microsoft-will-let-teams-meeting-attendees-clone-their-voices/

vx-underground

19 Nov 2024 00:34

Infamous rapper and (alleged) (innocent?) money launderer Heather "Razzlekhan" Morgan is in a positive mood.

Shout-out to her and her legal team (we're trying to get her autograph)

vx-underground

18 Nov 2024 19:16

Thanks to Microsoft share we can now easily exfiltrate data with just a few clicks of a button. Or, we can just automate the task in C/C++ (or any language) and mass e-mail ourselves data.

very cool

vx-underground

18 Nov 2024 01:54

NOTE: Someone pointed out this graph is slightly incorrect, and they're correct with that assessment. ChatGPT went public in November, 2022. We misread this chart — it says November, 2021 (not 2022, oops).

Further research shows a continual decline in StackOverflow usage since 2018. However, upon ChatGPT release, StackOverflow really felt a blow to it's traffic and userbase.

More information: https://www.i-programmer.info/news/99-professional/16487-stack-overflow-announces-ai-powered-features.html

vx-underground

18 Nov 2024 01:34

> get flooded with noob questions about malware
> nbd, we all been noobs
> consider replying
> too_much_effort.jpg
> consider making thing explaining malware basics
> too_much_effort.svg

We hope someone else does it. Not even coding, just core concepts and how stuff works

vx-underground

17 Nov 2024 19:39

Biggest fan frfr,

We're not financial experts. Our primary advice would to be to stop using Windows XP — eating dog food is (probably) okay.

Thanks,

vx-underground

17 Nov 2024 19:28

No idea why "vx" is in your formula, we're not math brain, okay? Also, you have good handwriting.

vx-underground

17 Nov 2024 03:12

Updates:

Administrative Updates:
Hello, how are you? We've got tons of malware from our daily intake queue that we need to shovel through and keep moving. It's exhausting work (even if most is automated). Despite our best efforts, we always feel like we don't have enough resources (moar).

1. Black Mass Vol. III is still in development. Making books is hard work.

2. We've witnessed some pretty extreme volatility on X again. Our follower count has oscillated between 335,900 to 336,400 on a near day-to-day basis. We've also seen a pretty dramatic spike in spam DMs (again). We are considering cross-posting on BlueSky, but we aren't sure. It feels like such a burden to use social media, with what feels like dozens of social media platforms, and everyone hates one of them for one reason or another.

3. Ignore our memes about us shutting down. For several years we've joked about shutting down vx-underground and making it an anime blog. We have zero intention on leaving. But, we do enjoy occasionally venting our frustration to our audience. Running a giant malware library is actually kind of hard work.

4. If you want to support us, we recommend you donate. Unfortunately, as time has progressed we receive less and less support from individual donors and instead on small-to-medium sized "companies". We say "companies" in quotation marks because two of our largest supporters are video game cheat producers. Unironically, the people most of you hate are supporting us and asking for nothing in return.

Larger cybersecurity companies have expressed concern with our audience and behavior. They have told us (rather bluntly) they don't need us, or our audience, so sponsoring or donating means nothing to them. When we offer to put their logo, or brand, on vx-underground they dismiss us, say a logo placement like that is designed for sales, and they don't need us for sales because they're doing just fine financially with the "tech crowd".

Very cool, large companies. Your disregard for our existence is appreciated.
- smelly

Bulk downloads:
- VirusSign.2024.11.05
- VirusSign.2024.11.06
- VirusSign.2024.11.07
- VirusSign.2024.11.08
- VirusSign.2024.11.09
- VirusSign.2024.11.10
- VirusSign.2024.11.11
- VirusSign.2024.11.12
- VirusSign.2024.11.13
- VirusSign.2024.11.14
- VirusSign.2024.11.15
- VirusSign.2024.11.16

Families:
- AbaddonPOS
- AgentTesla
- Android.Joker
- AsyncRAT
- Dasref
- DCRat
- Hancitor
- Mirai
- Multigrain
- Vawtrak

Archive:
- The Old New Thing, October, 2024

vx-underground

16 Nov 2024 23:37

Rand "ransomware is cool and badass" Paul