14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Dear large enterprise companies using our website,
Contact your boss, or your bosses boss, and tell them to give us some of their large enterprise company money. We offer everything for free, if you're going to profit off our work, at least throw us a few bucks
Thanks,
Hello,
Please do not lie on your resume and claim to be 'employed' at vx-underground. It is very awkward when we have to inform your potential employer that you're lying.
Also, it's weird, don't be a booger.
Thanks,
Thank you to our friend ddd1ms for the NAS hardware donation.
We are no longer storing the vx-underground archives on an old creeky external harddrive.
We now have 48TB of RAID storage, or something, something fancy. It's really cool. Thank you so much.
Regarding Pavel Durov, the apprehension of the CEO of Telegram:
tl;dr is he responsible for the crazy stuff people do?
There is a difference between freedom of speech and freedom of consequences. Indeed — Mr. Durov provides a platform used by journalists and individuals communicating under tyranny. However, because Mr. Durov is the CEO of a large communications platform, his organization is subject to different territories judicial rulings. Virtually every single country on the planet has regulations in place which define the responsibilities of the entity (i.e. organization) and the roles they must introduce to prohibit illegal behavior. Some countries are more restrictive, others are more 'lax.
It is no surprise really France (and surely other countries beyond France) believe Mr. Durov must be held responsible for the behavior of its end users. This is not a debate of 'free speech' as it falls within the scope of liability of end user behavior.
Example: we are aware Wagner Group openly recruits people on Telegram. Should Wagner group be allowed on Telegram? Many countries despise this group, whereas other countries like this group and praise their actions (we are sure our western colleagues may find that shocking). If they are allowed to use Telegram, to what end can they operate? Is Mr. Durov responsible for their actions which violate laws in different regions? This is not a rhetorical question. Each country, people from different geographical locations, philosophical beliefs, religions, and personal experiences will answer this question differently.
Moreover, because some people have condemned Telegram for being a drug market — this is nothing new to social media platforms. It is common place for many social media platforms such as Facebook and Instagram to find people advertising drug sales. The primary difference is Telegram is less likely to cooperate with western governments and Telegram does not fall within the reach of western governments. Meta (e.g. Facebook, Instagram) cooperates with law enforcement on both a local and federal level for nearly every single country on the planet.
We have no comment on the debate on E2E encryption. We use Signal. We'll let someone privy to privacy stuff to take that lead.
This is just our pseudo-educated (still ignorant) comment on a very complex problem which will continue to plague companies as things become more global.
Administrative updates:
- Daily malware ingestion average is 400,000
- Infrastructure difficulties with our VXDB — migrating is illegal and for nerds
- Paper additions temporarily suspended
- SosMula of City Morgue agreed to give us his autograph
Have a nice day
The CEO of Telegram was arrested in France at 8PM (approx. 3 hours ago as of this writing).
It is alleged he was arrested for lack of moderation on Telegram and not complying with Law Enforcement agencies.
https://www.tf1info.fr/justice-faits-divers/info-tf1-lci-le-fondateur-et-pdg-de-la-messagerie-cryptee-telegram-interpelle-en-france-2316072.html
United States Federal Bureau of Investigation: you're a person of interest
tfw the FBI is flirting with you (they think you're really interesting)
Thank you to our friend TracketPacer for the hardware donation to vx-underground. It doesn't seem fully functional, but it may be a mistake on our part.
Читать полностью…
Our interview with 'Grep' — impersonating a journalist.
https://x.com/vxunderground/status/1827002916856627556
Rumors are floating around someone has compromised wedding planning site 'TheKnot'. Someone is using it to send spam phishing links — accusing people's spouses of cheating.
Which one of you degenerates did this?
Thanks to everyones donations the new vx-underground hardware has arrived and is in prod.
Pros:
- Process malware faster than a fast thing
- Anime
Cons:
- Sounds like jet engine
- Makes room hotter than hell
- Scares the dog
More information: https://www.justice.gov/usao-edky/pr/pulaski-county-man-sentenced-cyber-intrusion-and-aggravated-identity-theft
Читать полностью…
We've updated the vx-underground Malware Ingestion feed. All ingested malware samples from May, June, and July are now present and available for bulk download.
*All samples named appropriately via VirusTotal API.
May, 2024:
- 90.3GB (compressed)
- 358,067 malware samples
June, 2024:
- 118.3GB (compressed)
- 354,248 malware samples
July, 2024:
- 103.4GB (compressed)
- 379,219 malware samples
August, 2024 (1st - 16th)
- 416GB (uncompressed)
- 668,422 malware samples
You nerds better be pullin' this stuff >:(
Check it out here: https://vx-underground.org/Samples/MalwareIngestion
The potatoes are there because the NAS heats them up, then the mini-fan on the floor distributes a nice potato smell throughout the office.
Читать полностью…
> make post about tg guy
> leave pc
> return
> people screaming fed, saying theyre unfollowing
You don't need to inform us you're unfollowing — you're free to unfollow, complain to your Mom, and yell at the gas station clerk about our comment.
Have a nice day.
Helping us helps students and academics across the planet with cybersecurity research and education.
Universities that use vx-underground (in some capacity):
- University of Science and Technology of China
- East Carolina University
- The University of Oklahoma
- Gazi University
- University of Maryland, Baltimore County
- Dokuz Eylül University
- Ain Shams University
- Autonomous University of Nuevo León
- Central Connecticut State University
- Louisiana State University
- Georgia Institute of Technology
- University of Alabama in Huntsville
- Iowa State University
- Columbia University
- Rochester Institute of Technology
- University of North Carolina
- Liberty University of Virginia
- Full Sail University
- Jordan University of Science and Technology
- Deakin University
- George Mason University
- Instituto Tecnologico de Las Americas
- Gadjah Mada University
- Arizona State University
Just detonated ransomware on my ransomed computer. Now the ransomware group is being ransomed so they can get their ransom from me.
Читать полностью…
There have been multiple instances now where we end up speaking with Chief Executive Officer's at large, and well-known, cyber security company's.
Ultimately during the course of our conversation we end up responding with kitty kat pictures.
Each time they're confused 😂😂😂
Imagine being the big-boss of some place and unironically having to deal our dumbasses because we're the only morons willing to collect malware material at this scale😂😂
We've sanitized the vx-underground malware ingestion releases for May, 2024. All samples are now named correctly. We're now processing June and July 2024.
It's literally only malware 🥺
(Bradley is a dumbass and took the photo upside down, it's supposed to be w00w00)
Читать полностью…
I got social engineered into giving an interview for BreachedForum.
They impersonated CyberScoopNews. It seemed strange the journalist was using a Gmail, but I never thought I would be tricked into a vx-underground interview.
Solid impersonation, silly goof.
10/10
We're so back.
We're correctly labeling our malware collection and filtering out the non-malicious files
vx-underground was created to store malware source code, samples, and papers that I liked.
Since 2019 nothing has really changed except I got a team of friends, some help, and some malware source code, samples, and papers.
VXUG in 2019:
https://web.archive.org/web/20190522032703/http://vx-underground.org/
On Tuesday, August 20th, 2024, the United States Department of Justice did a press release on the most intelligent person in world history.
Jesse Kipf, 29 of Somerset, Kentucky, USA, owed a total of $195,758.65 in child support. Jesse, being a true intellectual, decided to the best decision was to compromise the United States Hawaii Death Registry System, using stolen credentials from a physician in a different state outside of Hawaii, and insert himself into the Death Registry. Additionally, he used his own name, Jesse Kipf, to assert his own death and certified his own death using the name Jesse Kipf
tl;dr Jesse Kipf died, death was certified by the deceased Jesse Kipf and corpse of Jesse Kipf was verified by the deceased Jesse Kipf (recursive death certification and verification?)
The death certificate was signed by a different physicians stolen signature.
He was sentenced to 6 years and 7 months in prison for being a true intellectual.