vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

14367

The largest collection of malware source, samples, and papers on the internet.
Password: infected
Website: https://www.vx-underground.org/
vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh

vx-underground

January 28th, 2025

Sorry, keep accidentally writing 2024 on things. I've forgot what year it is.

vx-underground

Note: It's been rolled back. Linux is no longer a crime on Facebook. It was probably an automated system being oopsie-doopsie. It's still funny seeing Linux being temporarily banned and enraging nerds

vx-underground

Around January 19th Facebook began flagging Linux topics as 'cybersecurity threats'. Facebook users reported they're unable to share posts to websites such as DistroWatch

Linux is illegal and for nerds

vx-underground

Today the United States Federal Bureau of Investigation seized several more prominent Threat Actor forums.

- cracked-dot-io
- starkrdp-dot-io
- nulled-dot-to
- mysellix-dot-io

The DNS records for the forums have been changed to ns1.fbi.seized-dot-gov.

vx-underground

"You can't trust DeepSeek because it's from China"

Oh yeah? My pants are from China too. So now what? I can't trust my own pants?

vx-underground

the ip is stored in the balls

vx-underground

This isn't even close to all of the bashful comments — got tired of screencapping them.

vx-underground

If you don't get the reference: Amazon's Just Walk Out AI technology was 1,000 Indian contractors

https://www.washingtontimes.com/news/2024/apr/4/amazons-just-walk-out-stores-relied-on-1000-people/

vx-underground

There is a Threat Actor(s) online impersonating Babuk.

You can tell they're a bunch of goobers because Babuk ransomware is a broken piece of crap which barely functions.

You have a better chance of being struck by lightning than Babuk successfully decrypting files.

vx-underground

🚨BREAKING🚨

According to a mysterious document published by DeepSeek titled "Terms and Conditions", DeepSeek does the following when you visit their website

- Record your IP address
- Record your user-agent
- Record your input into DeepSeek
- Stores it in their servers

Worst of all: they're headquartered in CHINA. This means the data is in CHINA. A company, who resides in China, is choosing to store their data in their own country (CHINA) as opposed to the United States of America (NOT-CHINA)

vx-underground

Yeesh.

Made a post about DeepSeek censoring Chinese government stuff because it was interesting. It quickly turned into a geopolitical debate and what-about-isms on Twitter

vx-underground

People need to seriously stop dissing Blue Team nerds. If you've ever tried to deploy malware against an enterprise network with an active Blue Team with software restriction policies, path-based execution restriction, a team that has an effective and up-to-date EDR (custom detection rules) coupled with an AV, and an active SOC..... it can be extremely challenging.

These Blue Team nerds are not dummies and they take their job extremely seriously

vx-underground

This reminds us of the time we received an e-mail saying they suspect vx-underground may have malware on it (it was a malicious perl proof-of-concept archived and saved as .txt)

vx-underground

I've released OCRMe — a tool developed from the research done by bmmaloney97

This commandline tool dumps the OCR content from Microsoft OneDrive Business. The tool is on GitHub and comes with a pre-compiled .exe if you're lazy.

ReadMe is in Main.cpp

https://github.com/vxunderground/OCRMe/

vx-underground

Updates to vx-underground:

- 2024-05-30 - Abusing the SeRelabelPrivilege
- 2024-04-24 - ETW-ByeBye Disabling ETW-TI Without PPL
- 2024-04-17 - Reconstructing Executables Part 1 Between Files and Memory
- 2024-03-28 - CveEventWrite notes
- 2023-12-15 - Intercepting console commands with ConDrv
- 2023-10-01 - RemoteRegistry service by abusing winreg named pipe
- 2023-09-23 - Demonstrating Projected Filesystems
- 2023-07-21 - Dumping UEFI Variables

vx-underground

A Nigerian sextortion campaigner has been extradited to the United States. Hassanbunhussein Abolore Lawal, a 24 year old from Osun State, Nigeria is facing a litany of charges.

In 2022 Mr. Lawal posed as a young teenage girl on social media. Mr. Lawal became acquainted with 17 year old Gavin Guffey and began sending him pornographic images and enticed Gavin Guffey to send pornographic images back.

Mr. Lawal subsequently used the photographs to extort Gavin Guffey. Mr. Lawal's harassment and extortion acts were so extreme Gavin Guffey took his own life July 22nd, 2022. Prior to ending his life he sent his loved ones a message. The message was "<3".

Mr. Lawal is facing the following charges:
- Child exploitation resulting in death
- Production and distribution of child sexual abuse material
- Coercion and enticement of a minor
- Cyberstalking resulting in death
- Interstate threats with intent to extort
- Aiding and abetting

Additionally, following the death of Gavin Guffey, Mr. Lawal tried to extort the family of Gavin Guffey which is pending additional charges of stalking and extortion.

Nigerian officials fully cooperated with the United States Federal Bureau of Investigation which resulted in the indictment of Mr. Lawal in October, 2023 and the extradition of Mr. Lawal January, 2024.

During the first official hearing on the case on January 28th, 2024, the parents of Gavin Guffey wore all black in the courtroom with t-shirts that display "<3" on them. Gavin Guffey's father, South Carolina Rep. Brandon Guffey, reported he felt "pure rage" when seeing Mr. Lawal for the first time and quote, "cracked my molars just gritting my teeth so hard".

Mr. Lawal reportedly did not make eye contact with the Guffey family for the entire duration of the court proceedings. He kept his head down. He pleaded not guilty on all charges.

Due to the severity of the crimes, Mr. Lawal is facing life in prison.

vx-underground

> be zuckerbroingston (has a chain now)
> fires fact checkers for being nerds
> moves to texas
> bans linux instantly

vx-underground

First the Federal Bureau of Investigation put RaidForums in a coffin, then Breached, and now their smaller competitors 😢

vx-underground

wtf I asked my pants what happened in tiananmen square and they turned into a pile of ash

vx-underground

Thanks to advancements in technology you can now watch advertisements while fueling up your car.

vx-underground

Chat, we engage back and see what the normies do (this is for science)

vx-underground

It's been 24 hours and we're still receiving negative comments and hateful remarks toward us over a satirical post.

The irony of people criticizing us for failing "to research" how computers work, without looking at our profile and realizing it's satire.

Pure gold

vx-underground

Maybe China is taking notes from Amazon and DeepSeek is actually 1,000 Indians in a warehouse

vx-underground

> make clearly satirical post
> read comments
> some people take it literally and don't get it

vx-underground

DeepSeek comes with 2 different models.

1. DeepSeek Xi Jinping Edition - Developed for the Chinese. Will provide Chinese propaganda

2. DeepSeek Ameriburger Edition - Developed for Ameriburgers. Will provide American propaganda.

Truly revolutionary work

vx-underground

Security researcher DuchyRE highlighted something interesting about DeepSeek AI.

If you ask about the Terrorist Attacks on September 11th, 2001 in the United States, DeepSeek will answer it. Furthermore, DeepSeek will provide criticism of the United States government (Image 1, Image 2)

If you ask DeepSeek about Tiananmen Square in China in 1989, DeepSeek says it cannot answer that question. Additionally, DeepSeek is unable to produce any criticism of the Chinese government. (Image 3)

vx-underground

Mildly irritating things seen by malware nerds:

- Person saying {thing} evades EDR and/or AV, but they've never performed against an enterprise environment with an active Blue Team (they don't know what they're talking about). Yes, your payload avoided basic analysis, but stop disrespecting Blue Team nerds, you're seriously underestimating them.

- Person saying {language} is superior to {other language} for malware development. This is like watching Linux nerds argue about distros

- Person saying their malware is FUD. It is only undetected because you've successfully infected 4 machines running Windows 7. Large scale campaigns are difficult to run. Stop disrespecting reverse engineers. They're dealing with serious Threat Groups.

- Person saying {thing} is undetectable (in theory) because they've implemented over 9000 different evasion techniques. No, you've filled your binary with IOCs.

- Person dissing ransomware payloads, saying it is for noobs. This is both correct and incorrect. Writing single threaded ransomware is easy. Writing fast ransomware (thread pools, queuing, I/O completion ports) that can both encrypt and decrypt successfully regardless of file type and file size can be challenging.

- Anyone who references Mr. Robot when discussing malware.

vx-underground

Received this e-mail today.

It's been nearly 12 hours and we still cannot comprehend this e-mail. We STORE MALWARE. There is literally NOTHING ELSE on the website EXCEPT MALWARE.

??????????????????

vx-underground

Well how about that. It's 3:30am on a Sunday and we're cookin' ourselves again (as is tradition).

We're aware our data appears to be in some sort of quantum state — it both exists and does not exist at the same time. It's Schrödinger's malware collection

tl;dr fml

vx-underground

we see this stuff all the time. we can't tell if they're afraid of women, secretly homosexuals, or jealous a woman has a job

(if ur gay its all good, its 2025, go and kiss a bunch of dudes, we agree mr. kennedy is v v handsome and a total hunk)
