vx-underground

03 Aug 2024 14:55

"I like Elephants and God likes Elephants" — Terry A. Davis on 16bit Elephant artwork on TempleOS

vx-underground

03 Aug 2024 05:43

Legitimate pornography sites are significantly less likely to deliver malware because they want your money. If anything, it'll just blast you with affiliate advertisement scams. You're x10 more likely to get malware from arbitrarily executing random game cheats for Fortnite

vx-underground

02 Aug 2024 22:53

It adds up to an additional 948Gb+ A MONTH in storage. Hopefully compression saves us a little on storage.

(please give us money, dear god)

vx-underground

02 Aug 2024 15:43

This morning we learned we are infamous.

define: infamous
"well known for some bad quality or deed. wicked; abominable."

Cool 😎

vx-underground

02 Aug 2024 08:02

Bringing in 500GB+ of malware a month on a budget of a Red Bull and a slice of pizza

vx-underground

02 Aug 2024 02:55

Earlier today, around 9 hours ago as of this writing, Convergence (some crypto shit, we honestly have no idea what it is) confirmed a compromise – alerting it's userbase. PeckShield noted the discovery of a bug in their CvxRewardDistributor contract, which resulted in the theft of roughly $210,000.

Subsequently, 6 hours ago Starknet announced their Discord was compromised and sending users crypto-drainer links.

vx-underground

02 Aug 2024 01:32

It's either that or our parser is broken 🤔

vx-underground

01 Aug 2024 22:32

Today the United States, the Russian Federation, and Germany did a prisoner swap.

Most notably:

Roman Seleznev a/k/a Track2, is being returned to the Russian Federation. Seleznev was a prominent member of carder-dot-su. Seleznev developed automated systems for systemic identity theft and credit card fraud. He is estimated to have stolen over $50,000,000

Vladislav Klyushin, is being returned to the Russian Federation. Klyushin was a notorious hack-to-trade fraudster. He and his group compromised organizations to get perform pseudo-insider-trading which resulted in profits over $93,000,000.

Videos released today via the Kremlin shows President Vladimir Putin greeting prisoners as they set foot on Russian soil once again. Here is the clip of Roman Seleznev shaking hands with Vladimir Putin.

vx-underground

01 Aug 2024 06:46

POV: You just joined a Telegram chatroom and you haven't even typed a single word yet

vx-underground

01 Aug 2024 04:13

POV: It's 2003, you're in your bedroom, you just limewire'd some totally cool new music, you're working on your xanga profile, and disrespecting people registering on myspace

vx-underground

31 Jul 2024 17:27

We are happy to announce that finally, after harddrive purchasers waiting 4.5 months, we have received all of the harddrives from the manufacturer.

Moving forward we're going to completely redo how we handle shipping goods because 4.5 months is ridiculous.

Pic unrelated

vx-underground

31 Jul 2024 02:51

We gotta start making more money some how because we're about to be sharing so many samples daily it'll literally cripple us financially 😂😂😂

vx-underground

31 Jul 2024 01:40

Zscaler's ThreatLabz 2024 ransomware report shows confirmation of DarkAngels ransomware receiving the largest ransomware payment in history: $75,000,000

To put that into perspective: someone could buy 524 2024 Mercedes-Benz G Wagons with this money

or buy 6,000,000,000 Robux...

vx-underground

30 Jul 2024 19:35

Full article (paywalled): https://fortune.com/2024/07/27/ferrari-deepfake-attempt-scammer-security-question-ceo-benedetto-vigna-cybersecurity-ai/

vx-underground

29 Jul 2024 16:10

In September we will be doing a fundraiser. We will be auctioning away 5 limited-edition holographic vx-underground Yu-Gi-Oh cards.

We only have 5.

vx-underground

03 Aug 2024 05:46

We unironically tried to get malware from bootleg pornography sites. We got inundated with phony PC support call center scams, but we got tons of malware from game cheats linked on YouTube.

> Fortnite Cheats 2024 [Working]
> MediaFire download link in bio
> Cheats.exe
> Redline

vx-underground

02 Aug 2024 23:38

A bunch of SIM swappers were arrested today in Canada. Some are now on the run. Currently too sleepy to do a full write-up so read it or research it yourself.

https://ca.finance.yahoo.com/news/ten-people-arrested-more-100-170910027.html

vx-underground

02 Aug 2024 22:51

We're happy to announce a new category for malware samples. The malware ingestion category!

The malware ingestion category is samples submitted to us from individuals. It's roughly 25,000+ new malware samples a day.

Yay!
https://vx-underground.org/Samples/MalwareIngestion

vx-underground

02 Aug 2024 08:20

This Xitter profile AI roast thing is supposed to roast you. This thing didn't even roast us – it just spoke the truth for a few sentences.

vx-underground

02 Aug 2024 02:56

What does this mean? We have no idea. We don't do crypto stuff. We let ZachXBT handle that kind of work. We do however know nerds are screaming at us about it, so that means we have to mention it.

¯\_(ツ)_/¯

vx-underground

02 Aug 2024 01:47

Exciting news.

1. Thanks to JaffaCakes118 and Neiki we are now collecting roughly 20,000 unique malware samples a day. Some days we break 30,000 samples. Thanks to them, petikvx, and virussign we are now ingesting over 1,000,000 samples a month. Yay!

2. This is actually pretty expensive. Ingesting, compressing, archiving, and distributing this much malware, on top of the normal traffic vx-underground receives, brings our current monthly web traffic average to 270TB – or 3.24PB of web traffic a year. Thank you to our friends at Cloudflare who have helped us so much with this traffic load.

3. Thank you to everyone who donates and sponsors us. This isn't an easy task while charging $0.00. Thank you to our largest financial contributor, Malcoreio and our largest monthly donor, TorGuard. A special thanks to our largest individual donor HackingDave.

vx-underground

02 Aug 2024 01:32

RansomHub ransomware group claims to have ransomed text/html; charset=utf-8

ÿÿJW®br잝Pu5o*n·a↓ ⁿΓm╬▄à%^û♫}┬3?

vx-underground

01 Aug 2024 06:54

Join the club. We also have no idea what the fuck we're doing.

vx-underground

01 Aug 2024 04:15

Bonus: your homie hits you up on AIM, or Yahoo, or MSN, and tells you about how excited they are for Tony Hawk's Underground

vx-underground

31 Jul 2024 20:01

Which cat poses the biggest security threat to your organization?

vx-underground

31 Jul 2024 04:49

"I've just gotta lock in", says IT professional on verge of suicide

vx-underground

31 Jul 2024 01:43

We had to convert USD and real-world value things into Robux because some of our younger audience members don't seem to comprehend the vastness of this stolen money.

They do however seem to understand Robux because that's the only exposure they've ever had to economics.

vx-underground

31 Jul 2024 00:45

vx-underground Roulette:

A binary which generates a random number using a seed you provide. If an even number is generated, you win. If an odd number is generated, a random binary payload off the VXDB is detonated on your machine.

vx-underground

30 Jul 2024 19:34

A few days ago Fortune magazine did an article about Ferrari disclosing an attempted cybersecurity breach via social engineering.

tl;dr social engineering using ai / deepfake voice

Sometime earlier this month (July, 2024) a Ferrari executive began receiving unusual text messages from an individual impersonating Ferrari Chief Executive Officer Benedetto Vigna.

Interesting, the impersonator called the (unidentified, target's name was not disclosed publicly) executive. The caller is suspected to have used AI and/or deepfake technology to mimick Benedetto Vigna. The unidentified executive stated the tone, the language, and the accent were perfect. However, some of the language seemed unusual. The executive then asked the impersonator: "Sorry, Benedetto, but I need to identify you. What was the title of the book you had just recommended to me a few days earlier?"

The individual, unable to answer the question, terminated the phone call.

This is one of the first major, and publicly disclosed, social engineering attempts via AI / deepfake technology that we're aware of. The Threat landscape is slowly shifting (as is tradition).

vx-underground

29 Jul 2024 15:54

A few days ago we were alerted to Roblox 'cheaters' (we're using that term loosely) being impacted by malicious code in their 'cheat tool'.

tl;dr malicious script is malicious

The tool being used by Roblox nerds, Wave Executor, executes scripts. In the event a user intentionally, or accidentally, executes a malicious payload, then of course it is going to be malicious.

If you ran a malicious powershell script would you be surprised it was malicious? If you copy-pasted a malicious Python script into IDLE and executed it, would you be surprised it's malicious?

The screenshot circulating is not indicative of some ultra-1337 Roblox cheat exploit – the user, or proof-of-concept developer, detonated a malicious script. The primary security threat posed to Roblox nerds is, as previously stated, nerds accidentally detonating malicious scripts. We don't expect a script-runner tool designed for Roblox to attempt to determine whether or not something is malicious.

Just be careful copy-pasting code into your script-thingy – or don't, whatever.