vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

14367

The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh

vx-underground

Kim Zetter, a journalist who has been discussing national security since the late 90's, and was one of the few people to discuss the United States 'Stuxnet' worm with her book 'Countdown to 0day', was baited by the Twitter AI

Kim, we love you, we're so sorry 😭😭

vx-underground

> friend calls
> invites over
> ok_cool.jpeg
> ask for apartment address
> says "apt 29"
> mfw apt29

vx-underground

We will be mostly AFK for the remainder of the weekend. It is the weekend of rest – not just Sunday:)

Next week we will be adding new malware builders: Amadey (Panel), MetaStealer, and "Сборка 2.0". We don't know what Сборка 2.0 (Russian for 'Build 2.0') is.

Have a cat.

vx-underground

Russian speakers using smiley face "))" instead of ":))"

What Russian speakers see
vs.
What English speakers see

vx-underground

Hello,

We are looking for someone who is capable of transforming paper into an mp3 digital format.

If you or someone you know is a wizard please contact us.

Thanks,

vx-underground

Today Microsoft open-sourced MS-DOS 4.0.

You can check it out here: https://github.com/microsoft/MS-DOS

vx-underground

Hello,

We have 3 harddrives left in stock. Once the last 3 are purchased the cloning stage will begin.

- Each buyer gets a free duck (not a joke)
- My home is full of packing material (also not a joke)
- Buy them!!!!!11

https://www.vx-underwear.org/collections/vxug-collection

vx-underground

It appears we have deeply angered nerds who like unique usernames. We apologize for not being privy to username buying and selling. We will repent for our mistake by offering one (1) cat picture.

vx-underground

Our advice to anyone who wants to get a job in cyber security is to intentionally poop your pants in public.

You need to put yourself in difficult situations to understand how to overcome adversity in the ever expanding threat landscape.

vx-underground

Yesterday The New York Times unveiled that General Motors had accidentally enrolled millions of people into its "OnStar Smart Driver+" program. If consumers chose to not enroll through the phone app – it would do it anyways.

Unenrolling requires consumers to contact the OnStar customer support line. However, some people do not trust them and have turned to stripping the electronic devices from their car.

The OnStar Smart Driver+ data was being sold to LexisNexis, and insurance companies, to modify insurance rates. The data sold was invasive and logged:

- Number of trips
- Miles driven
- Minutes driven
- Hard-brake events
- Rapid accelerations
- Speeding events

The reporter from the New York Times requested a copy of their data and received it. See attached image.

vx-underground

Oftentimes people forget how goofy antivirus companies used to be.

For example: in the mid 2000's when the Kaspersky AV detected malware on your computer it would trigger "Kaspersky Alert Sound 2". It grabbed users' attention immediately.

See attached video for soundbites.

vx-underground

Learning about malware development, reverse engineering, detection, etc. is an entire career field. It is not something you can watch a few YouTube videos on and be set.

Either do it, or don't. The choice is yours.

vx-underground

Sometimes we think about those "recommended cyber security profiles to follow" posts. We've seen dozens of people recommending others to follow us.

We wonder how disappointed they are when they see Chicken Adventure 2 Mods or Boston Dynamics robots holding severed hands. 😭😭

vx-underground

Hello.

We've sold 8 vx-underground harddrives. Please buy the remaining 12 because we have way too much packing material.

This isn't a joke.

Thank you,

vx-underground

POV: The FBI raids you and finds you relaxing on the bed

vx-underground

Twitter AI is amazing. It took our satirical post about 'Stuxnet 2.0' and some mention of 'templates' into a serious trending post about cyberwarfare.

vx-underground

The most sophisticated exploit we've ever seen.

Thank you to wdormann for bringing this to our attention. This is basically Stuxnet 2.0.

vx-underground

Hello, we hope everyone is enjoying their weekend so far. We've made some updates to the vx-underground malware sample collection. Additionally, we have papers in queue but they have not been addressed yet.

Samples and families added:
- Virussign.2024.04.19
- Virussign.2024.04.20
- Virussign.2024.04.21
- Virussign.2024.04.22
- Virussign.2024.04.23
- Virussign.2024.04.24
- Virussign.2024.04.26
- InTheWild.0121
- InTheWild.0120
- SmokeLoader
- STRRAT
- TriangleDB
- QuasarRAT
- SnakeKeylogger
- NewBotLoader
- PikaBot
- PlanetStealer
- NetSupportRAT
- NjRAT
- LummaStealer
- EvilAntRansomware
- DarkGateLoader
- BunnyLoader
- DoNexRansomware

vx-underground

POV: You get into an argument with someone with an anime profile picture (you're going to lose)

vx-underground

MS-DOS comments 🔥🔥🔥

vx-underground

Hello,

We have a lot of super cool stuff happening behind the scenes. We think all of you will enjoy it.

In the meantime, please look at these random proof-of-concept images which totally aren't related to the vx-underground 5 year anniversary

vx-underground

In Japan – the Fukui Prefectural Police Echizen Police Station have created the "Virus/Trojan horse removal fee payment card" and the "Unpaid charges/delinquent charges payment card".

The fake cards, designed to combat telephone scammers, are positioned intentionally at convenience stores to assist police in identifying victims and safeguarding them from financial harm. When someone tries to purchase the card the police are immediately notified.

Upon placement in stores in November 2023, it immediately stopped 3 elderly people from being scammed in November and December.

No additional information has been released regarding the success rate. However, the police officers who came up with the idea were given a promotion in February, 2024.

Information via TopiLaron, ten_forward, and fukuinpmedia

vx-underground

A user has appeared on Twitter with the profile creation date of the Unix Epoch 😭

vx-underground

This morning our Intrusion Detection System (meemaw) identified two (2) highly sophisticated Threat Actors trying to brute force our access portal.

Viewer discretion advised

vx-underground

Today Avast unveiled 'GuptiMiner'.

tl;dr eScan AV, out of India, used HTTP for AV updates, not HTTPS, North Korea man-in-the-middle'd updates to large networks to deliver malware

We give this APT campaign an A+ because it's absurdly well executed

https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/

vx-underground

The United States FTC has banned non-compete agreements. We look forward to all of you creating a cyber security startup

https://www.ftc.gov/news-events/news/press-releases/2024/04/ftc-announces-rule-banning-noncompetes

vx-underground

"How can I learn more about malware?"

Our entire website is malware literature. Browse until something seems interesting and read it. If you don't understand it, search online until it makes sense or read a different paper.

There is no easy route. Stop looking for shortcuts.

vx-underground

There is heavy overlap with malware developers and video game cheat developers. When you follow this family tree you end up with the malware developer's distant cousin – the video game modder.

Anytime we visit our "distant cousins" we find the strangest things.

vx-underground

Malware writing doesn't require programming experience. Just run this random .exe and it'll make any virus you want and it'll be 100% undetected

vx-underground

Someone used AI to make Lockbit ransomware group's statement regarding the FBI takedown ... into an anime-like EDM ... ?

You're all degenerates 😂😂😂

What happened.

On February 19, 2024 penetration testing of two of my servers took place, at 06:39 UTC I found an error on the site 502 Bad Gateway, restarted nginx - nothing changed, restarted mysql - nothing changed, restarted PHP - the site worked. I didn't pay much attention to it, because for 5 years of swimming in money I became very lazy, and continued to ride on a yacht with titsy girls. At 20:47 I found that the site gives a new error 404 Not Found nginx, tried to enter the server through SSH and could not, the password did not fit, as it turned out later all the information on the disks was erased.

Due to my personal negligence and irresponsibility I relaxed and did not update PHP in time, the servers had PHP 8.1.2 version installed, which was successfully penetration tested most likely by this CVE https://www.cvedetails.com/cve/CVE-2023-3824/ , as a result of which access was gained to the two main servers where this version of PHP was installed. I realize that it may not have been this CVE, but something else like 0day for PHP, but I can't be 100% sure, because the version installed on my servers was already known to have a known vulnerability, so this is most likely how the victims' admin and chat panel servers and
