vxunderground | Unsorted

Telegram channel vxunderground - vx-underground


The largest collection of malware source, samples, and papers on the internet.
Password: infected
Website: https://www.vx-underground.org/
vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh



NOTE: This 'maximum' punishment is worst case scenario. We don't believe he will receive 275 years in prison even if found guilty on all counts.

The Threat Actor responsible for the Kaseya supply-chain attack got 30 years in prison and they did way more damage.



It's so long, with so many offenses, we would have to make a special post on Xitter and then convert it to a PDF for Telegram. He is facing 20 charges related to cybercrime.

He is facing serious time in prison.



We also don't typically pay for news either. But they're ad-free and doing really good work.

They didn't ask us to post this either — but we have to give them praise for their coverage of information stealers, confirmation on Amazon breach-thingy, Snowflake, etc.



A woman's rant is going semi-viral in political circles on Twitter and Facebook. Some are citing her rant as evidence of potential electoral interference during the 2024 Presidential election.

The woman's opening remarks claim she possesses a CCIE (Cisco Certified Internetwork Expert) — a very prestigious certification which is often possessed by truly dedicated people.

Currently there are only 45,000 active CCIE holders worldwide. Only 3% of Cisco cert holders attempt it ... and only 26% pass — it has a 74% failure rate.

Now it should be stated that no one in our group possesses a CCIE. We do not claim to be network experts, we're just malware nerds. However, despite our lackluster understanding of networking (beyond the computer science basics of the OSI model), we can confidently say this woman does not possess a CCIE and we believe she is lying.

Additionally, we would like to note we did indeed watch this entire video. Despite this woman's jargon and clear ... plainly wrong information... we decided to give her a chance to speak her mind and opinion.

We do not recommend watching the entire 8 minute video. You will have no benefit from it. At roughly 4 minutes you will see, very clearly, this is not a technical person.



The current street value of malwares (decent quality) is $1,200 for 7,500,000 malwares.

A curated set of high quality malwares is roughly 15,000 malwares for $3,000.

It's hard to get high quality samples unless you're an AV and/or EDR vendor.



A Russian ransomware affiliate we know sent us this video.

Very cool.

Thank you for educating us on your culture. 🙏



We made it into the Discord! We only detonated a few malware samples.

1. DocKing (tried to launch weird MS Edge URL, payload failed)
2. We purchased alcohol (wine tasting site)
3. Wave browser PUP/ADWARE
4. Installed a cool AI web search engine Google Chrome extension named Givero. It links to some dead domain via HTTP



> be new to cybersecurity
> google cybersecurity discords
> bishopfox listed
> click to join their discord
> discord requires verification (image 1)
> verification site has tons of pop ups (image 2)
> massive pop up saying need to install thing
> annoying page appears
> lady talking giving instructions how to download file
> listen to polite lady and follow her instructions
> download per her instructions (image 3)
> its free malware (image 4)



Just kidding. We don't own an Alexa, or any of that IoT bullshit. God forbid it's compromised and some TA dumps 500 terabutts of people's conversations in .mp3 format



The Malware researchers: New proof of concept released abusing undocumented API calls!!

The Threat Intel analysts: New state sponsored campaign from China!!!

vx-underground Staff: Balatro is like poker kind of but not really



Over my cold dead body.



Casio has been compromised.

It's all over for Instagram flexers.

Information via charliefrake



Shamelessly stolen from BratvaCorp



COVID19 2: Electric Boogaloo



> get call at 10pm
> weird long number
> answer
> people speaking Mandarin
> ???
> they say theyre from alibaba
> ask how vx-underground is going
> tell them its 10pm
> "is that a problem?"
> tell them we stopped using alibaba
> "is that a problem?"
> mfw



More details have emerged regarding the person alleged to be responsible for the Snowflake breach.

Connor Riley Moucka a/k/a Alexander Antonin Moucka a/k/a judische a/k/a catist a/k/a waifu a/k/a ellyel8 is facing the following charges:

1 count of Conspiracy 18 U.S.C. § 371 - conspiracy to commit an offense or to defraud the United States.

Maximum punishment is 5 years in federal prison.

5 counts of Computer Fraud and Abuse 18 U.S.C. § 1030(a)(2)(C) & 18 U.S.C. § 1030(c)(2)(B)(i)-(iii) - Intentionally access a computer without authorization or exceed authorized access with additional relations of:

i) The offense was committed for purposes of commercial advantage or private financial gain.
ii) Committed in furtherance of any criminal or tortious act, in violation of the Constitution or laws of the United States or any state.
iii) The value of the information obtained exceeds $5,000.

Maximum punishment is 5 years in prison, 10 years in prison for repeat offenders.

2 counts of Extortion in Relation to Computer Fraud 18 U.S.C. § 1030(a)(7)(B) & 18 U.S.C. § 1030(c)(3)(A) - the Computer Fraud and Abuse Act (CFAA) that address extortion involving computers.

Maximum punishment is 5 years in prison.

10 counts of Wire Fraud 18 U.S.C. § 1343 & 18 U.S.C. § 2 - Deceive or defraud someone to obtain money or property by means of false or fraudulent pretenses, representations, or promises and aiding and abetting.

Maximum punishment is 20 years in prison.

2 counts of Aggravated Identity Theft 18 U.S.C. § 1028A(a)(1) & 18 U.S.C. § 2 - Knowingly use, transfer, or possess another person’s means of identification without lawful authority during and in relation to certain felony offenses and aiding and abetting.

Maximum punishment is 2 years in prison, repeat offenders face 5 years in prison.

Connor Riley Moucka, if found guilty, is facing a maximum sentence of 275 years in prison.



The charges placed against Connor Riley Moucka a/k/a Alexander Antonin Moucka a/k/a judische a/k/a catist a/k/a waifu a/k/a ellyel8, the person alleged to be responsible for the Snowflake breach, are so large and extensive that it is difficult to fit them in a post.



We just became a yearly subscriber to 404 Media

This small group of people have somehow been covering news related to government drama (non-political), privacy news, cybercrime news, malware news, internet oopsie news.

The underdogs are killin' it.

tl;dr support small biz



404mediaco spoke with Amazon today. Amazon has confirmed the legitimacy of the data breach.

We now understand why their CEO has made workers return back to the office — if you saw how much Amazon pays in office rent a year, your head would explode.




Someone sent us an e-mail saying they have some malware samples they can send us.

We eagerly replied and thanked them.

They replied saying the samples "are for sale" and asked how much we'd pay for them.



"i work in tech" simulator



tl;dr 1st lesson of cybersecurity, verify your identity to bishopfox without detonating malware on your machine (we failed)



Registering on a website and trying to calculate the probability of it being compromised (use a burner e-mail or the real e-mail)



Hey Alexa, play "Money In The Bank" by Lil Scrappy.




We're hosting a malware development competition. It is a JVM malware competition.

- Virality/infectiousness
- Stealth
- Flexibility

What this is NOT:
- An obfuscator contest
- a VM design contest

0th place ('dubbed Gigachad'): $1,000
1st place: $500
2nd place: $250
3rd place: $100
4th place: 1 picture of a cat

Deadline: December 15th, 2024

Finalists' code will be placed on vx-underground. You will receive all credit.

Send submissions to bot59751939 on Twitter, or our Twitter account, or our email (staff at vx-underground dot org)



Elwood Edwards, the voice of "You've got mail!" from AOL passed away November 5th. He was 74. Sadly, Mr. Edwards was only paid $200 despite being a voice to millions of people across the globe.

In his later years he worked as an Uber driver for extra income.

RIP Elwood.



Hello, how are you?

tl;dr tg channels deleted, dat sux. we're back but malware collecting is hard. american politics is crazy

1. We've received some reports today that some hacker-cybersecurity-leak-??? Telegram channels have been hit by a Telegram orbital nuke. Club1337 and data1eaks are gone. If in the event the vx-underground Telegram channel is deleted, for whatever reason, it will be business-as-usual on Xitter. I don't intend to go back-n-forth fighting with Telegram... If the vx-underground Telegram is nuked maybe we'll try some other platform, I don't know, whatever.

2. In other news, we're hoping to resume some more uploads — papers, archives, etc. Doing the daily malware ingestion stuff is A LOT of work for our small roster with limited resources. It takes a lot of time and resources (mostly time). We want to do more cool stuff, but doing cool stuff takes time, energy, money, and cool music. We're running low on time and cool music. Feel free to recommend us some cool music.

3. In interesting news, following the 2024 United States Presidential Election our merch store sales went from an average of 5 - 10 sales a week, to literally zero. It appears our primary audience of westerners are more interested in United States politics than dumb t-shirts from a crappy website. This isn't a complaint — it's an interesting observation.

- smelly smellington



Sometimes people complain when we stray away from malware related topics.


The monkeys were released via ICS malware which opened the gates for the monkeys, or something, whatever. Make up some shitty anime plot and insert malware.



god damn chinese ministry of state security callin us at 10pm. bro, just scrape the site or something idk ok its bed time



Also, this is a pretty clever idea. If the conversion works and they successfully slipstream a malware payload into it, that is a pretty substantial improvement — pretty stealthy.

+2 internet points to Gootloader
