14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Mistranslation: "he'll get fucked for my sins" – implying the wrong person will be arrested.
Читать полностью…
Lockbit ransomware group has made a statement to the FBI. It says: "The FBI is bluffing, I’m not Dimon, I feel sorry for the real Dimon))) oh, and he’ll get pussy for my sins)))"
Читать полностью…
The leader of Lockbit ransomware group had an iCloud email 😭😭😭
Читать полностью…
Today the United States Department of Justice unveiled the leader of Lockbit ransomware group.
Читать полностью…
In roughly 9 hours the United States Department of Justice is scheduled to unveil the identit(ies) of Lockbit ransomware group leadership.
Through extensive research and investigation we have several theories on whom the leader(s) really are.
We share information on someone getting hacked, or a cute kitty cat, or a meme, 10000000+ likes and retweets.
We work hard to add data and it's crickets.
"Can Java be in the light bulb?", asked like a true degenerate internet nerd
Читать полностью…
Today Lockbit ransomware group began listing dozens of ransomed companies. Let's review them!
Posts today that are new or not indexed:
- HtcInc (new and/or not indexed)
- Irc Be (new and/or not indexed)
- GeoTechEnv (new and/or not indexed)
- Svenskakyrkan (new and/or not indexed)
- TDT Aero (new and/or not indexed)
- Kras hr (new and/or not indexed)
- Eviivo (new and/or not indexed)
Websites that don't exist (???):
- Sunray-dot-com (website listed doesn't exist)
Data posted but its repeat data:
- ChuzeFitness (originally posted 2023-12-19)
- FoxSemicon (originally posted 2024-01-19)
- Alfiras (originally posted 2024-02-09)
- Smbw (originally posted 2023-12-26)
- Cms Law (originally posted 2023-12-13)
- Denave (originally posted 2023-12-07)
- SunnyDesigns (originally posted 2023-04-25)
- PTOW (originally posted 2023-04-25)
- Peachtree-Medical (originally posted 2023-04-25)
- AtlanticEye (originally posted 2023-04-25)
- Central-K12-OR-US (originally posted 2024-03-05)
An unknown Threat Actor(s) claims to have compromised International Baccalaureate Organization (IBO), a nonprofit foundation headquartered in Geneva, Switzerland.
We have briefly reviewed the data and from a high-level overview this breach looks legitimate and like they've got everything... They've released nearly 100 photos as proof and the proof is damning
Today we spoke with Lockbit ransomware group administrative staff regarding the return of the old domain and new messages from FBI, NCA UK, and EURPOL.
Lockbit ransomware group states law enforcement is lying.
Lockbit also said and quote: "I don't understand why they're putting on this little show. They're clearly upset we continue to work."
Lockbit insists they will continue to work and will continue to "bring" new victims.
In roughly 36 hours the FBI, NCA UK, and EUROPOL hint at unveiling the identity of the leader(s) of Lockbit ransomware group and the identities of more ransomware affiliates.
Nevermind, they got bonked now – was enjoying some ice cream and watching Brooklyn Nine-Nine until nerds began blowing up the phone.
Читать полностью…
Today Lockbit ransomware group's website has been seized (again).
The new server hijack mocking asks Lockbit ransomware group administrative "What have we learned?" and states they will unveil more identities of ransomware operators behind Lockbit (possibly the leaders too)
Hello, how are you?
We hope everyone had a good week and is enjoying their weekend thus far. Today is the day of rest.
Enjoy your Sunday.
Yesterday (or whenever, we don't care enough to get the exact date) F-Society ransomware group claimed to have compromised Bitfinex.
This compromise is a hoax. Bitfinex was not compromised. The 'stolen data' is just a list of username:password combinations from GitHub.
The United States Department of Justice has unsealed the indictment against Dmitry Khoroshev a/k/a LockbitSupp.
We have downloaded and archived it. You can check it out here as "lockbit_indictment.pdf"
https://vx-underground.org/tmp
Today the United States Department of Treasury announced sanctions against Dmitry Yuryevich Khoroshev a/k/a LockbitSupp, the individual believed to be the leader behind Lockbit ransomware group
https://home.treasury.gov/news/press-releases/jy2326
Today we learned that the United States Justice for Rewards program, ran by the U.S. Department of State, follows us on Twitter.
We retract every meme we've made about the U.S. government. Please don't send us to Guantanamo Bay.
We are also sorry you have to see our shit posts
CrowdStrike has made a badass ... statue? Doll? For Scattered Spider at RSA conference.
Thank you ddd1ms for the photo. You knew we'd love to see some shrines
Hello, we have a large update.
We've updated the vx-underground malware samples collection:
- Bazaar.2024.04
- Virussign.2024.04.28
- Virussign.2024.04.29
- Virussign.2024.04.30
- Virussign.2024.05.01
- Virussign.2024.05.02
- Virussign.2024.05.03
- Virussign.2024.05.04
- Android.Mobtes
* Tomorrow 39 new APT papers and/or samples will be added for the month of April, 2024
Paper updates:
- The Old New Thing – April, 2024
* Tomorrow 200+ malware reverse engineering or detection papers will be added for the month of April, 2024
Mildly interesting note: Lockbit ransomware group keeps posting ransomed companies. 75% we've seen before. However, the recent listing of 'Yucatan' was initially ransomed by ALPHV on 2023-04-13
(unless it's a different Yucatan)
Hello, how are you?
We are returning to our scheduled day of rest.
PLEASE – no one else do anything crazy. It's been an abnormally crazy Sunday. Everyone put their metaphorical internet cyber guns down and relax.
Have a nice day and/or evening.
Will law enforcement actually unveil the leadership behind Lockbit ransomware group?
Will law enforcement indict more ransomware operators?
What has law enforcement secretly been doing?
What will the press release say?
Find out on the next episode of Dragon Ball Z
FBI and NCA UK right now after seizing Lockbit ransomware groups website for a 2nd time 😭😭
Читать полностью…
It is the day of rest. However, the FBI and NCA UK apparently do not believe in this. We are upset by this. Both organizations can now redeem one (1) monkey bonk at their time of choosing.
Читать полностью…
Telegram nerds,
Per request (multiple requests...) we will enable comments on posts on Telegram. We will do it some time next week, whenever we get around to it. Please try to keep it civil (we know you won't, you're all a bunch of degenerates, but please try).
Have a nice day.
If you or someone you know recently commented on this situation without verifying the validity of the data please deploy one (1) monkey bonk.
Thanks,
Update:
Someone asked for a comment from Synology. Synology confirmed they were targeted by (what they believe to be) a spear-phishing campaign in April, 2023.
tl;dr the data is old. No ransomware was deployed. The company is not impacted.