14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
We are now officially 5 years old everywhere on the planet.
Except Anchorage, Alaska but we're not staying up any longer. We're old and it's way past our bed time.
We'll start selecting winners of free stuff later today.
Cheers.
Ali Diamond, the lady from Hak5, bought a vx-underground harddrive... and then got photos taken as if it were a baby? She paid for a professional photoshoot and named it Diva
https://www.youtube.com/watch?v=NIpOeHFYZrM
Dear DEFCON DDV nerds,
Please contact us.
Thanks,
(Initially we said we'd send the data to them, but being of extremely high IQ, we didn't realize uploading remotely from a local copy would take way too long.)
We've updated the vx-underground malware families collection
- StealC
- RisePro
- RaspberryRobin
- Android.Vultur
- QuasarRAT
- DarkGateLoader
- DinodasRAT
- NokoyawaRansomware
- Latrodectus
- IcedId
- InstatWiper
- Gafgyt
- CobaltStrike
- Glupteba
- DoNexRansomware
- AsyncRAT
Sunday is our 5 year anniversary. We we be celebrating 5 years of disorganization, typos, accidental misinformation, and being labeled criminals over 9000 times.
Sunday we will be giving away 30+- vx-underground 5 year anniversary shirts. It will be $1,000 worth of merch all sponsored by our friends at TorGuard.
Additionally, we will be giving away 1 vx-underground harddrive, this drive contains everything on the vx-underground site — roughly 13TB of malware material (although it is compressed to just over 5TB). It is password protected. If you ask for the password you WILL be monkey bonked. This drive is possible due to an individual not correctly reading emails and people banding together to make sure we don't lose any money. In summary, this giveaway is sponsored by YOU :)))
If you're not interested in participating in the giveaway you can also buy the shirt. It will be available on our merch store starting this weekend too. It will ship everywhere except North Korea, Russia, and whatever else is sanctioned by the United States government.
If you're in Russia and want to buy a shirt, have your friends in the UAE buy a shirt and have them send it to you.
If you're in North Korea and want to buy a shirt, please just try to escape the country instead.
Thank you everyone for the love and support over the past 5 years. We are looking forward to Sunday. It's going to be an exciting day.
Love you 😘
This year we will be working with nerds from DEFCON to ensure the complete vx-underground collection is available at DEFCON in the data duplication village
Bring a 8TB+ drive to DEFCON if you want a copy of the data.
Today has been a whirling wind of chaos.
tl;dr we don't know anything. We need solid proof.
First, earlier this morning the current owner of Doxbin, Operator, was allegedly beaten and kidnapped. Footage released by the would-be kidnappers shows, presumably Operator, tied to a pole and being punched and kicked. However, many viewers immediately expressed doubt on the footage and some said it's a 'detrace' operation — essentially an exit strategy for Operator.
We do not know the truth. We can only speculate. It is strange.
Secondly, BreachForum was seized today. Following the takedown there were lots of rumors floating around about Breach being a honey-pot, that key members have been arrested, etc. While this may certainly be true, there is no confirmation from law enforcement agencies on arrests or indictments. ShinyHunter, the other administrator of the website, has stated the other administrator, Baphomet, has been arrested. While we don't doubt this (ShinyHunter of all people would probably know), we would like an official Department of Justice announcement or court document confirming these statements.
What we can say though is that although Breach is gone, we are certain another forum will appear (eventually) to fill the power vacuum. It's only a matter of time.
Anyway, looking forward to Breach and/or Raid rebrand number 4!
The Breach telegram is now under control of the United States Federal Bureau of Investigation
Читать полностью…
Last post of the morning. We've got work to do.
tl;dr nerds enumerated the merch site trying to pre-buy the 5 year anniversary shirt. Some of you found it. If you try to buy it and it's botched that's on you. You can tell it's in the preview phase because BradleyVX wrote it's delivered by horse.
Why would you want to pre-buy an item that may not even be working? It says its delivered by a horse like it's the 1700's
You're all degenerates and we love you for it.
Good morning,
Yes, we have heard the news about the owner of Doxbin allegedly being kidnapped and beaten. Yes, we have also received messages saying its a paid actor and an attempt to 'detrace' himself.
Thank you to everyone who notified us.
Love you ♥️
Hello, how are you?
We've updated the vx-underground malware collection. Additionally, per request, we have shared some more photos of peoples pets. They asked that we share them and we happily obliged. Animals are cool and badass
Newly added:
- InTheWild.0123
- InTheWild.0122
- Virussign.2024.05.09
- Virussign.2024.05.10
- Virussign.2024.05.11
- Virussign.2024.05.12
- Virussign.2024.05.13
- Virussign.2024.05.14
- Virussign.2024.05.15
Total: 61,000+- malware samples
Have a nice day.
Hello,
Exciting news.
In case you missed it, earlier today an individual requested a refund via PayPal for a vx-underground harddrive. They failed to read the e-mails we sent them. The PayPal inquiry hurt our wallet, because we don't have a lot of money.
In an extreme act of kindness many of you came together and donated money to us to make up for our loss. We made our money back in less than 30 minutes.
May 19th, on our 5 year anniversary, we are going to giveaway $1,000 of the limited edition vx-underground 5 year anniversary shirt (5 horsemen of the apocalypse, the attached image) and 1 vx-underground HDD (13TB of malware, all our papers, etc).
Thank you everyone for the supreme act of kindness. See you Sunday 🫡🫡🫡
Hello,
We've updated the vx-underground paper collection. We've added 118 new malware analysis papers courtesy of our friends at malpedia. It's too much to list, but it's a doozy.
New malware development papers:
- 2012-09-19 - Knockin on Heavens Gate - Dynamic Processor Mode Switching
- 2020-02-03 - Hooking Heavens Gate - a WOW64 hooking technique
- 2022-07-16 - Process Injection using QueueUserAPC Technique in Windows
Hello, how are you?
Next week we have hundreds of malware reverse engineering papers to add, some malware development papers, and thousands of malware samples.
But, today is the day of rest. We will see all of you on Monday
Please don't do anything crazy.
Love you
One thing we have learned over the years is nerds hate ads. Nerds will fight you to death over ads.
We say this because it's been announced EA games will soon begin putting ads inside of their video games.
More information: https://www.tomshardware.com/video-games/ea-is-looking-at-adding-in-game-ads-in-aaa-games-well-be-very-thoughtful-as-we-move-into-that-says-ceo
Thank you to our friends in Ukraine for the lovely picture. The gang signs makes it extra cool.
Читать полностью…
> announce giveaway
> leave computer
> return to "vx-underground" trending in cyber security on Twitter
> "vx-underground seeks help amid cyber chaos"
> ???
> t-shirt giveaway has thousands of comments
5 year anniversary giveaway broke twitter ai
We're giving away free stuff on Twitter because we turn 5 tomorrow. Go over to Twitter if you want to try to win free stuff.
https://x.com/vxunderground/status/1791819677460496465
We will be celebrating*, right off the rip we fuck it up.
Читать полностью…
No, we won't be at DEFCON. Core staff members are malware monks that don't go outside.
Читать полностью…
User vxdb on Twitter is not associated with vx-underground. They just by chance have the letters "vx" in their name.
We have no affiliation with them.
Please stop asking us about their posts because we have no idea.
But, it is a cool Twitter handle though
Waiting for the Department of Justice to issue a statement regarding the Breached takedown
Читать полностью…
BreachForum has been seized again.
The current display page states the forum is now in control of the United States Federal Bureau of Investigation and is being reviewed.
It also displays a photo of the current administrators Telegram profile pictures, but behind bars.
Note: we don't know what's the truth and what isn't. It's Wednesday, my dudes
Читать полностью…
Today a Threat Actor operating under the moniker IntelBroker, and (presumably) his associates, claimed to compromised Patriot Mobile.
Patriot Mobile has self-described itself as "America's only Christian, Conserative wireless provider" – based out of Grapevine, Texas.
The data exfiltrated is roughly 65,000 users PII which includes:
- Account PIN
- Full name
- Email
- Credit Score
- Address
- Date of Birth
- Last 4 digits of social security number
- Account balance
- Referrer
and more...
The information disclosed is not something terribly detrimental to the security of customers of Patriot Mobile. It's primary usage for abuse would be aiding in doxxing someone.
Although unrelated, this is the 2nd time recently where a conservative organization (the first being conservative news outlet The Post Millennial) was compromised.
After reviewing some of the exfiltrated data it is also mildly interesting that the website has checkout discount codes labeled: "Glenn Beck", "Donald Trump Jr.", "Blaze", and "Rightside Broadcast Network (Trump Rally)"
Shout out to Discord for putting advertisement banners in our voice chat channel.
(We hate it)
Order 1972,
Congratulations! You're the first person ever to receive this error from our merchandise producer.
50 character e-mail address? Really?
We've recently had an influx of people asking if @LockbitRewards on Telegram is the Federal Bureau of Investigation. Yes, it is actually the FBI. If you Google "LockbitRewards" you'll find it listed by the United States Department of Justice and United States Department of State.
If you decide to message them we advise you do not self-snitch. It is poor practice to openly admit crimes directly to the FBI.
(someone thought it was a gag account and was actually self-snitching)
When we initially heard the news about this breach it seemed insignificant because it was removed from Breached. Shout out to Lawrence Abrams and Bleeping Computer for doing their due diligence and researching this compromise more.
Читать полностью…