14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
vx-underground in 2019:
- simple and free shared hosting
- 20gb in total
- 1 old crappy pc
vx-underground 2024:
- home lab setup with 4 pc's (soon 5)
- fiber
- ingesting 20gb - 60gb per day
- 10 people team
- 8 servers, custom software suite for vxug
- 7.15tb in total
- anime
It will actually put you to sleep — it's super cold, dark, and magic numbers just keep being magical. You will pass out in your chain
Читать полностью…
Administrative updates:
- August 21st, new hardware arrives.
- We'll occasionally livestream malware ingestion. The streams will take place on Xitter. You can watch numbers go up.
- New papers will be pushed once new hardware arrives
Enjoy your weekend. Love you
Russia-based cyber hacktivists claim to have compromised Zoom. Let's review the data.
tl;dr not compromised, but kind of depressing to review
Size (uncompressed): 1.49MB
Total files: 5
Unusually small size of a 'compromise' from a Fortune 1000 company, right?
What's in this 'leak'? A text file which contains 95 (that's not a typo, it is literally just 95 lines) username and passwords. Each username and password listed is present in HaveIBeenPwned. The data present is formatted similar to stealer logs.
Other files included are 'web_domains.txt' which appears to be ... an nmap scan (???). There is also a web_dump.txt file which contains.... whois data (???) and some super 1337 ASCII art.
They forgot to include the password protected zip file in their post, so we had to review their chatroom. The password was 'usersec_fucknato'.
Imagine a 24/7 livestream of our malware ingestion feed. It would be a CMD window displaying the SHA256 hash, the ingestion code status, and the unique file counter.
Читать полностью…
In April, 2024 the National Public Data breach was discussed in various cybersecurity circles. In August, 2024 we see non-nerds discussing it.
Network Engineers: how serious of a problem is a 10,518,984,000 millisecond latency?
No idea what women dressed as lamps has to do with cybersecurity. It's also creepy. We feel bad for the women they hired to dress as lamps and greet people.
Читать полностью…
Shoutout to random Russian guy who dropped $3,000 on us when we were asleep
Читать полностью…
> Make website
> Make it free educational content for everyone
> Get called rich
> ???
A few years ago a relatively large cybersecurity company shared publicly how much they appreciated our APT sample collection.
We told them we're happy it brought them value and they should consider the donating.
The CEO contacted us directly and donated $50.
piracy nerds when the torrented adobe is laced with malware
Читать полностью…
It's fundraiser time.
We're aiming to raise $3,000. We will use this money to buy improved computer equipment. Processing malware is resource intensive.
Please consider donating so we can give more stuff for free. We rely on you to survive.
https://donorbox.org/vxug-2024-hardware-fundraiser
Rachael Lillis, the voice actor for Pokemon characters Misty, Jesse, Jigglypuff, and more, passed away August 10th of Breast cancer. She was 46.
Thank you, Rachael, for making Pokemon so cool for us when we were kids.
🎵Jiggggggggly Pufffffff🎵
Administrative Update:
tl;dr lots of data, need stuff
1. We have finished migrating vx-underground to our new servers. We believe our new host is better, cheaper, blah blah blah. If you encounter any issues with the website please notify us.
2. Thank you to the individuals who helped us with our first fundraiser. We are using the equipment to bring in an in-house graphic design artist. This money went toward the necessary equipment, subscription services, etc for artist nerds. Ideally, we can produce more high quality artwork, merch, memes, whatever – without reliance on 3rd party entities or crappy AI artwork.
3. We will be doing another fundraiser. We need to purchase more hardware (literally a new supped up computer) just to assist in the processing of malware. We're currently ingesting 25,000+- malware samples per day, however we hope to dramatically increase this number. This is approx. 500GB of malware a month.
4. Black Mass Vol. III is still in work. We've hired an artist who did the artwork for American heavy metal band Slipknot to do the cover. We've also got a handful of super cool papers in this issue.
5. We have a massive, an absolutely colossal, amount of papers in queue to add. Before doing these papers we need to get the samples out-of-the-way. Or not, don't know yet. We're swamped.
It's a surreal feeling seeing this crappy website, with nothing but malware papers, malware source code, and malware samples, distributing as much as 500TB of data per month. Our server bills have gone up by quite a bit – but your donations, sponsorships, and (unironically) Twitter engagements allow us to make money and keep moving forward.
Love you ❤️
If you like to watch numbers go up: we're currently livestreaming our malware ingestion.
https://www.twitch.tv/vxunderground_live
Malware ASMR: Extracting, compressing, and uploading malware while a cooling system works in the background
Читать полностью…
> check DMs
> "vx-underground we think your group is capable of social change can you help ..."
Capable of social change? Our entire audience is terminally online degenerates. If you want someone who can make an impact write to Taylor Swift, not us.
Today Qilin has successfully solidified itself as a colossal piece of shit. Of course, all ransomware is bad, but Qilin ransomed Promise2Kids, a California non-profit which rescues children from abusive homes.
Читать полностью…
Administrative updates:
- New hardware purchased via successful fundraiser
- Migration to new servers completed
- 330,000+- new malware samples queued
- 200+- papers queued
The vx-underground collection is growing approx 1.4TB per month at our current pace.
Cheers,
Today Nikesh Arora, the CEO of Palo Alto Networks, issued an apology for the marketing decision Palo Alto chose at Black Hat 2024 in Las Vegas.
Many visitors openly criticized Palo Alto for being sexist and questioned why their hostesses dressed up as ... lamps?
Dorks raging on us for asking for money is silly. $3,000 is pocket change to what actual companies make. God forbid we have nice things.
Last Christmas we coordinated a giveaway totaling $40,000 of educational courses.
You can take your Twitter follow and shove it up your ass.
We appreciate all donations. Every dollar helps. But, it felt kind of cheap from them – like he was like, 'thanks for the slave labor, jackass'
Читать полностью…
Last year Caesar's was hit by ransomware, paid a ransom demand of over $15,000,000, and now when the nerds come back in town someone decides to be a memester.
This is why we can't have nice things.
To put it into perspective: if every single person who follows us on Twitter, or subscribes on Telegram, donated $100,000 – we would have 1/6th of Elon Musk's net worth.
No idea what this has to do with this fundraiser, but it's kind of depressing how wealthy he is.
This morning the National Crime Agency of the United Kingdom announced and released footage of the arrest of 'J.P. Morgan'. 'J.P. Morgan's' real name has not yet been officially released by the National Crime Agency.
J.P. Morgan and his associates have been actively monitored by the United States Federal Bureau of Investigation and United States Secret Service since 2015.
J.P. Morgan is believed to be a key player behind Reveton Ransomware Group, Ransomware Cartel, and Angler Exploit Kit which has resulted in the extortion of millions of dollars all across the globe.
Angler exploit kit was often used to deploy CryptXXX, CryptoWall, and other strains. At it's peak, it's suspected over 100,000 devices were infected by Angler Exploit Kit, bringing in a revenue of around $34,000,000.
J.P. Morgan's arrest coincides with the arrest of Belarus national Maksim Silnikau a/k/a 'Maksym Silnikov', 'xxx', 'J.P. Morgan', and 'lanksy', in Poland. Indeed, you read this correctly, Maksim Silnikau also operated under the moniker J.P. Morgan – two people are J.P. Morgan.
Furthermore, charges have been brought against two more individuals who are believed to operate with J.P. Morgan and Silnikau. Vladimir Kadariya, a 38 year old citizen of Belarus and Andrei Tarasov, a 33 year old citizen of Russia.
These 4 individuals operated malvertising campaigns (i.e. Angler) which believe to have impacted over 500,000,000 people across the globe. The National Crime Agency identified physical offices for their malvertising campaigns located in Ukraine under the business name 'Media Lab'. August 9th, the Ukraine Cyber Department of the Security Service conducted 15 raids on employees tied to J.P. Morgan and co. Media Lab company.
Two more raids took place on August 9th related to J.P. Morgan and co. in Singapore and Portugal in collaboration with the Singapore Police Force and Portugal Judicial Police. In Singapore, the infrastructure for Ransomware Cartel was seized. In Portugal, another unnamed individual was raided – believed to be an associate of J.P. Morgan and co.
The National Crime Agency stated over 50TB of evidence has been seized.
More details have emerged regarding the Linus Tech Tips compromise.
We'll save you the lore, drama, backstory, and anime filler.
He was phished. That's all.
No, we don't get to decide who advertises on our Telegram channel. Telegram automagically decided a good-portion of our Telegram subscriber base is (probably) criminals.
Читать полностью…