vx-underground

19 Nov 2024 20:20

Microsoft CEO Satya Nadella greeting the Red Teamers after Microsoft Ignite 2024 (they can now clone target voices)

vx-underground

19 Nov 2024 20:12

Satya Nadella is literally the VIP for Threat Actors and Red Teamers.

Thanks to new Microsoft Teams technologies, you can now clone your voice ... so you can speak to others in a different language!

Ever be North Korean but want to sound American? It's now possible!

https://techcrunch.com/2024/11/19/soon-microsoft-will-let-teams-meeting-attendees-clone-their-voices/

vx-underground

19 Nov 2024 00:34

Infamous rapper and (alleged) (innocent?) money launderer Heather "Razzlekhan" Morgan is in a positive mood.

Shout-out to her and her legal team (we're trying to get her autograph)

vx-underground

18 Nov 2024 19:16

Thanks to Microsoft share we can now easily exfiltrate data with just a few clicks of a button. Or, we can just automate the task in C/C++ (or any language) and mass e-mail ourselves data.

very cool

vx-underground

18 Nov 2024 01:54

NOTE: Someone pointed out this graph is slightly incorrect, and they're correct with that assessment. ChatGPT went public in November, 2022. We misread this chart — it says November, 2021 (not 2022, oops).

Further research shows a continual decline in StackOverflow usage since 2018. However, upon ChatGPT release, StackOverflow really felt a blow to it's traffic and userbase.

More information: https://www.i-programmer.info/news/99-professional/16487-stack-overflow-announces-ai-powered-features.html

vx-underground

18 Nov 2024 01:34

> get flooded with noob questions about malware
> nbd, we all been noobs
> consider replying
> too_much_effort.jpg
> consider making thing explaining malware basics
> too_much_effort.svg

We hope someone else does it. Not even coding, just core concepts and how stuff works

vx-underground

17 Nov 2024 19:39

Biggest fan frfr,

We're not financial experts. Our primary advice would to be to stop using Windows XP — eating dog food is (probably) okay.

Thanks,

vx-underground

17 Nov 2024 19:28

No idea why "vx" is in your formula, we're not math brain, okay? Also, you have good handwriting.

vx-underground

17 Nov 2024 03:12

Updates:

Administrative Updates:
Hello, how are you? We've got tons of malware from our daily intake queue that we need to shovel through and keep moving. It's exhausting work (even if most is automated). Despite our best efforts, we always feel like we don't have enough resources (moar).

1. Black Mass Vol. III is still in development. Making books is hard work.

2. We've witnessed some pretty extreme volatility on X again. Our follower count has oscillated between 335,900 to 336,400 on a near day-to-day basis. We've also seen a pretty dramatic spike in spam DMs (again). We are considering cross-posting on BlueSky, but we aren't sure. It feels like such a burden to use social media, with what feels like dozens of social media platforms, and everyone hates one of them for one reason or another.

3. Ignore our memes about us shutting down. For several years we've joked about shutting down vx-underground and making it an anime blog. We have zero intention on leaving. But, we do enjoy occasionally venting our frustration to our audience. Running a giant malware library is actually kind of hard work.

4. If you want to support us, we recommend you donate. Unfortunately, as time has progressed we receive less and less support from individual donors and instead on small-to-medium sized "companies". We say "companies" in quotation marks because two of our largest supporters are video game cheat producers. Unironically, the people most of you hate are supporting us and asking for nothing in return.

Larger cybersecurity companies have expressed concern with our audience and behavior. They have told us (rather bluntly) they don't need us, or our audience, so sponsoring or donating means nothing to them. When we offer to put their logo, or brand, on vx-underground they dismiss us, say a logo placement like that is designed for sales, and they don't need us for sales because they're doing just fine financially with the "tech crowd".

Very cool, large companies. Your disregard for our existence is appreciated.
- smelly

Bulk downloads:
- VirusSign.2024.11.05
- VirusSign.2024.11.06
- VirusSign.2024.11.07
- VirusSign.2024.11.08
- VirusSign.2024.11.09
- VirusSign.2024.11.10
- VirusSign.2024.11.11
- VirusSign.2024.11.12
- VirusSign.2024.11.13
- VirusSign.2024.11.14
- VirusSign.2024.11.15
- VirusSign.2024.11.16

Families:
- AbaddonPOS
- AgentTesla
- Android.Joker
- AsyncRAT
- Dasref
- DCRat
- Hancitor
- Mirai
- Multigrain
- Vawtrak

Archive:
- The Old New Thing, October, 2024

vx-underground

16 Nov 2024 23:37

Rand "ransomware is cool and badass" Paul

vx-underground

16 Nov 2024 23:30

Just joking. But vx-underground started as a website to 'save cool papers' I liked. Now it's this monster with lots of servers, and code, and hosting, and people, and things, and clothes, and followers, and news. I'm like, what the hell is going on? Anyway, pushing stuff soon

vx-underground

16 Nov 2024 19:45

T-Mobile has confirmed they've been compromised (again). This time it was slightly different — they were compromised by Chinese state-sponsored Threat Actors.

The United States Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) put out a statement regarding the matter on November 13th.

This makes this the 9th time T-Mobile (or a T-Mobile partner) has been compromised since 2019. We've actually lost count on the number of compromises, but thankfully BleepingComputer has archived and/or documented them really well.

Our hearts go out to the cybersecurity employees at T-Mobile. Following some of the more recent breaches we became familiar with some of the employees there and the difference they're trying to make with the organization. We wholeheartedly believe they're trying to improve the security posture of the organization... but APT Salt Typhoon a/k/a UNC2286 is a heavy hitter and is no joke.

vx-underground

16 Nov 2024 04:59

Netflix network engineers resolving the lag customers are experiencing

vx-underground

16 Nov 2024 04:50

Netflix servers trying to deliver Paul vs Tyson (this is what we're actually seeing right now)

vx-underground

16 Nov 2024 04:08

(that's a lot for us)

vx-underground

19 Nov 2024 20:14

Yeah, we rip on Microsoft a lot. But for each feature they add, they're just expanding the Threat Landscape in corporate environments (and potentially homeusers).

Should we be more optimistic? Maybe.

Are we optimistic? Hell nah

vx-underground

19 Nov 2024 07:08

The United States Department of Justice is pushing Google to sell Google Chrome to break their search monopoly (not official yet, but Google is probably big mad).

More information:
https://www.bloomberg.com/news/articles/2024-11-18/doj-will-push-google-to-sell-off-chrome-to-break-search-monopoly

vx-underground

18 Nov 2024 22:45

> read about windows 11 share button thingy
> can this be abused? tl;dr yes, duh
> research
> shobjidl_core!IDataTransferManagerInterop
> research
> Raymond Chen wrote about this in 2017
> first added to windows shell as dumb button
> bonus chatter is indeed accurate

vx-underground

18 Nov 2024 19:11

Windows 11 will be adding the Share button to the Start Menu and Taskbar. This is excellent news for people who are unfamiliar with CTRL-C + CTRL-V. Additionally, this introduces another method for data exfiltration

Very cool

https://www.bleepingcomputer.com/news/microsoft/windows-11-is-adding-a-share-button-to-the-start-menu-and-taskbar/

vx-underground

18 Nov 2024 01:35

We once considering partnering with some YouTuber to do some funny videos or something, just meme-ing stuff, make it entertaining. Then we realized that's too much work and we'd rather just keep falling into nothingness (reading msdn)

vx-underground

18 Nov 2024 00:44

We initially thought this was a meme and/or fake post to mock StackOverflow.

We checked the statistics (which now require 25,000+ reputation), and this is indeed accurate. StackOverflow is bleeding to death.

vx-underground

17 Nov 2024 19:32

Thank you, Nick, for sending us cat memes everyday since October 11th. Your commitment to kitty cat memes is impressive.

vx-underground

17 Nov 2024 19:23

This person sent us a Dad-tier joke then waited 5 months for a follow up 😂😂😂

vx-underground

16 Nov 2024 23:39

“While it’s unlikely we could get rid of CISA, we survived for what, 248 years without them” — Rand Paul said, believing the internet has existed for 248 years

vx-underground

16 Nov 2024 23:36

United States Politician Rand Paul wants to cut, or entirely eliminate, the United States Cybersecurity and Infrastructure Security Agency (CISA).

He said: “While it’s unlikely we could get rid of CISA, we survived for what, 248 years without them”

https://www.politico.com/news/2024/11/14/rand-paul-kneecap-cisa-00189698

vx-underground

16 Nov 2024 23:19

Hosting virus-dot-exchange with several thousand active daily users (for free) and being integrated into several APIs (for free) is wildly expensive.

One of these days we're gonna snap, delete all of it, and just start selling fruit on the side of a busy intersection

vx-underground

16 Nov 2024 06:48

> netflix down for everyone
> netflix comes back up
> *buffering*

First image shown:

vx-underground

16 Nov 2024 04:52

Is Netflix using Envoy proxy? 🤔

vx-underground

16 Nov 2024 04:27

Netflix servers right now trying to deliver Paul vs Tyson (their infrastructure is 1 old computer in a basement)

vx-underground

16 Nov 2024 04:07

Our server bills this month were over $1400