14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Day 2/???
Restoring virus-dot-exchange.
We have malware
The past couple of weeks we've noticed Threat Actors hijacking expired bit-dot-ly hyperlinks to push rug pulls and fraudulent meme coins**
In this particular case, they've used it to push AI generated pornography of President Trump
*Cryptodraining nerds corrected us. Initial post we incorrectly said these are drainers. These are not drainers. These are campaigns aimed to push misleading people into purchasing a meme-coin to then subsequently get rug pulled.
*Cryptodraining nerds have notified us bit-dot-ly has introduced additional precautions to combat the recent surge of hijacking expired short links.
> wake up
> go poop
> get out of bed
> check dms
> scammers asks "how were you scammed"
> never said we were scammed
> tries to scam us
> doesnt elaborate
United States foreign adversaries and financially motivated Threat Actors seeing the new FBI Director
Читать полностью…
This is a clip from: "You Fired A Tech Genius" produced by ReelShort.
Originally found by malwrhunterteam, cross-posted from X
We're throwin' up gang signs at the computer monitor to some underpaid help desk representative in Massachusetts (we're gangsta, dawg)
Читать полностью…
mfw canadians politely correct us, americans call us fat retards
Читать полностью…
United States***, sorry. Our smart man paper reading thingies are from taco place and maple syrup land, can no think good no more
Читать полностью…
To comply with United Stated law any user visiting our website from Canada or Mexico will be tariffed 25%. Chinese users will be tariffed 10%
Visitors from Mexico fee: $0.
Visitors from Canada fee: $0.
Visitors from China fee: ¥0
We apologize for this inconvenience.
Chat, we were lied to this entire time. It's been nothing but anti-clippy propaganda.
Someone has produced a new clippy for Windows 10 and Windows 11
https://github.com/FireCubeStudios/Clippy
> make clippy guy
> provide him with basic animations
> install local deepseek
> put deepseek in clippy
updates to vxug but its saturday and playing roblox with da homies (were hardcore gamers) (need free robux plz)
Читать полностью…
Today the US Cybersecurity and Infrastructure Security Agency (CISA) reported a backdoor on two patient monitors.
As cybersecurity people, we find this deeply troubling. As malware people, we find this cool and badass.
https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/
tfw another health insurance company has been compromised
Читать полностью…
Plankton: The Movie, scheduled for released on Netflix March 7th, 2025, has been leaked online.
SpongeBob fans are mocking Netflix in the comment section of the movie trailer, the movie is being widely distributed on X by various sock accounts.
Today a Threat Actor(s) operating under the moniker "FutureSeeker" claimed to have compromised TrumpHotels-dot-com.
The Threat Actor(s) appear to have compromised TrumpHotels e-mail notification system. Specifically, the service responsible for reminding and/or verifying reservation details for guests. The data present includes:
- UniqueId (SQL Table)
- First name
- Last name
- Email
- Creation Date
- Unit ID (N/A)
- Status
- Last updated
- Expiration Date
- Sampling exclusion
164,910 records are present in the data dump.
The data exfiltrated from the Threat Actor(s) range from January 18th, 2018 to January 15th, 2025.
While the information does unveil the guests present at the hotel(s) operated by the Trump organization, no PII from guests (omit name, e-mail, reservation date) are present within the data dump. Furthermore, the information does not include wherein the guests resided or date of departure from the hotel(s).
Based on review of the data we do not believe this compromise to be politically motivated or financially motivated. Rather, because of the recent inauguration of the United States president, we perceive this compromise as a way for the Threat Actor(s) to verify their legitimacy as a Threat Group and/or Actor.
We're still in the process of restoring the virus exchange data. In the meantime, as we process and restore data, we can now get real accurate data.
Unique samples:
APTs: 36,547
APK Collection: 24,553
Virusshare.00000: 87,072
Virusshare.00001: 70,927
Virusshare.00002: 37,847
Virusshare.00003: 122,306
Virusshare.00004: 113,896
Virusshare.00005: 99,708
Samples restored: 592,856
Remaining: idk, like, 39,400,000
pov you meet the twitter comment section computer experts irl
Читать полностью…
Try not to cringe level: DEATH WISH
The entire 71 minutes of the pilot episode. Do you have what it takes? Can you survive 71 raw action packed minutes of Erik Martin and his hacker skills?
Viewer discretion advised. Cringe is lethal.
https://www.dailymotion.com/video/x9cu5dq
The fight between our previous hosting provider has escalated. Instead of exchanging passive-aggressive (yet professional) e-mails, we will be restoring the entire 20TB collection from a local NAS on a residential line.
We keep it gangsta, dawg
Correction:
We made a post about the recent legislation changes between the United States and Canada impacting social media. We have been corrected by our Canadian friends that this has been the case for several years in Canada now due to laws to combat misinformation.
We were mislead by social media discussions to believe that this is the result of tariffs. Current discussions (primarily from Americans) suggest these blocks are new.
tl;dr misinformationed by Americans, or political agendas, whatever
Besides being malware experts, we're also business extraordinaires (we're bad at both)
Читать полностью…
Updates:
- Massive APT paper and APT sample ingestion. It ranges from October, 2024 to January, 2025. All papers were aggregated from the work of staff member f0wlsec. You can stop asking about APT collection updates. The updates are here. It is roughly 2,000 malicious binaries.
- Migration of primary website (vx-underground) is virtually complete. All backend content has been moved. Front end performance issues have been resolved. This is thanks to staff member guessthepw and our friends at TorGuard
- We are actively working on migrating virus-dot-exchange still. Due to the large size of the bucket (in excess of 20TB, approx.) we've been exchanging passive-aggressive (yet professional) words with our previous hosting provider. They are sort of unhappy with us writing code which is indexing, and rcloning, 40,000,000+ malicious binaries. We are forced to break the previous bucket down into sub-buckets and then migrate them.
- Black Mass Volume III is still in production. However, we regretfully announce following the release of this issue, staff member b0t will be resigning from his position. He is moving to greener pastures.
If no one else does it, we'll unironically make this, open source it, make it available for download because ???
Clippy is back mfer
tried running free_robux.exe and now my wallpaper is different wtf
Читать полностью…
In other words, for the low price of $848, you can purchase (probably) state-sponsored malware that was designed to exfiltrate your healthcare information
Читать полностью…
More information: https://www.justice.gov/opa/pr/four-members-online-neo-nazi-group-exploited-minors-charged-producing-child-sexual-abuse
Читать полностью…