vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

14367

The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh


vx-underground

Interesting things that happened lately:

October 31st: safe0x17 released RustVEHSyscalls, a Rust port for LayeredSyscalls — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH

October 30th: FeribHellscream released a paper on forming a shell company and attempting to purchase an EV code sign cert (it's not fun)

October 29th: 404mediaco received a leaked document from the largest New York hospital system — the document encourages physicians to use Artificial Intelligence to summarize clinical evaluations, diagnose medical issues, and parse health records

October 29th: BratvaCorp noted based on the recent United States Department of Justice indictment of Redline information stealer developers — the authors of Redline connected to their platform from their home IP addresses and linked assets to their personal iCloud accounts.

October 27th: MalDevAcademy released a proof-of-concept code illustration of extracting an encrypted and embedded PE file from a PNG file and executing it via a LNK file.

October 23rd: SttyK released a talk on how he discovered North Korean state-sponsored spies on Discord.

October 22nd: 0gtweet released a paper on how to read BitLocker numerical passwords via the Windows API.

October 22nd: mez0 via TrustedSec released a paper on malware development via the Groovy programming language and its usage in network enumeration.

October 19th: Hexacorn discovered a new malware persistence technique by abusing the UserInstStubWrapper API in advpacker.dll and IEAdvpacker.dll

October 18th: Hexacorn notes the discovery of 'ClickedOnRAT' Windows API function from Windows XP. It's not related to malware, the API name is silly and misleading.

October 18th: Hexacorn unveiled a prankware technique by abusing NdfRunDllDuplicateIPDefendingSystem and NdfRunDllDuplicateIPOffendingSystem


vx-underground

Hispanic users with 30 last names (all hyphenated) && Eastern European users with ski and/or vich and/or ska in their name


vx-underground

please do not feed the NFT influencers


vx-underground

the internet is a bunch of children surfing on computer keyboards several hundred kilometers in orbit


vx-underground

The Russian Federation has fined Google $20,000,000,000,000,000,000,000,000,000,000,000.

To put that into perspective: yo momma


vx-underground

Through a series of unfortunate events, additions to vx-underground are going to be dead in the water.

We've got 99 problems and they're all things not on the internet. Our AFK-ness could extend for a week, maybe 2.

We'll just shit post when we have the time.

Thanks,


vx-underground

We reached out to the law enforcement officials behind Operation Magnus (we sent them a silly picture of a cat).


vx-underground

It has an official website***

Way too early for European law enforcement to be taking down MaaS operations.


vx-underground

We understand and apologize to our non-native English-speaking friends.

We realize English can be weird when sentences like this make sense:

"Those fuckin' muthafuckers, always fuckin' fucking around. Fuckin' fucking with their fuckin' fucked shit.".


vx-underground

Donut Leaks ransomware group claims to have accidentally destroyed their internal databases. They're asking victims to re-establish contact.

tl;dr pushed to prod on a Friday


vx-underground

It's being reported that the CEO of Microsoft, Satya Nadella, is receiving a 63% pay raise. This will make his total compensation be a remarkable $73,000,000 annually.

This comes after dozens of Microsoft security oopsies and layoffs.

Very cool


vx-underground

If you nerds forgot: there was indeed ransomware which targeted chastity belts. We have the source code.

It's Trojan-Ransom.Python.ChastityLock in the Python directory.

https://github.com/vxunderground/MalwareSourceCode


vx-underground

Today Namecheap launched the new TLD .locker

They state it is for people involved in Bitcoin, DeFi apps, and online gaming. In other words, it is perfect for ransomware groups.

Very cool.


vx-underground

literally me (pretend the hotdogs are malware)


vx-underground

> make thousands of typos
> no one bats an eye
> confuse Principle or Principal
> get eaten alive in the comments


vx-underground

Only a few more days of misinformation campaigns in the United States (it'll be back shortly after)


vx-underground

October 30th Okta disclosed a vulnerability whereby individuals could bypass AD/LDAP Delegated Authentication by providing a username greater than 52 characters.

It required a cached previous successful login attempt.

tl;dr employees with long last names are a security threat


vx-underground

wtf just found lumma stealer in candy


vx-underground

antiviruses are malware that target malware


vx-underground

We're not shutting down.

We're just going to be AFK so additions are suspended for a little bit.

We got a few DMs from people acting like the world is ending (it's not)


vx-underground

The Simland Telegram channel was banned on Telegram — although a new one has already been created.

Following the arrest of Pavel Durov in France, Telegram users are reporting a significant increase in Telegram taking action on crime-related channels.


vx-underground

The video released by the Dutch National Police and United States Federal Bureau of Investigation comes across as like, a TikTok video or something.

10/10 "VIP, Very Important to Police"


vx-underground

Today the Dutch National Police, in conjunction with the FBI, disrupted the operations of Redline information stealer and Meta information stealer.

It was named Operation Magnus and it had an official website.

operation-magnus.com


vx-underground

BREAKING: Researchers discover UnknownCheats and ElitePVPers


vx-underground

We're not sure what he does that is worth a salary of $200,000 a day, but we're sure it's justified. Right?


vx-underground

Half of you degenerates are just like this


vx-underground

Which one of you purchased this?


vx-underground

We don't do any exploit stuff, but anytime we leave malware-city and swing on down to exploit-dev-and-blue-team-ville we always see people discussing pretty much the same stuff.


vx-underground

Potentially related to cybersecurity, illustrative of the shift toward AI and the impact it makes on people.

Yesterday and today multiple media outlets have begun publishing articles surrounding the death of a 14-year-old boy in Florida who took his own life after falling in love with a Game of Thrones role-playing AI.

The young man had expressed suicidal ideologies toward the AI in which the chat bot informed him to 'come home'. The young man took his own life using his step-father's gun.

The teenager's mother is suing the AI company, Character-dot-ai, for unspecified damages. The company has offered their condolences to the family. People online have had mixed reactions, some blame the company, others blame the parents.


vx-underground

Principal**

Sorry, we can't spell or read or write
