The largest collection of malware source, samples, and papers on the internet.
Password: infected
Website: https://www.vx-underground.org/
vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
We found NATO's Jira access portal online. It said you can request access via the form URL. We have requested access to NATO.
We've updated the vx-underground Windows malware paper collection
- 2023-12-21 - InsightEngineering - Advanced Windows Debugging
- 2024-01-06 - Token stealing with Syscalls only
- 2024-01-15 - Undocumented DISM properties
Group: 8base
Approx. Time: 22:38 11/02/24
Title: LILI'S BROWNIES
We are preparing for Valentine's Day. We are now known as vx-uwu
We've updated the vx-underground malware families collection
- AgentTesla
- Amadey
- Android.Chameleon
- Android.WyrmSpy
- AsyncRAT
- AveMaria
- DarkGateLoader
- GootLoader
- INCRansomware
- IPStorm
- LummaStealer
- Nanocore
- Pikabot
- RecordBreaker
- Remcos
- Stealc
February 9th, 2024 the United States Department of Justice announced the arrest of two individuals behind WarzoneRAT.
- Daniel Meli, 27, of Zabbar, Malta
- Prince Onyeoziri Odinakachi, 31, of Nigeria
They are being charged with conspiracy, obtaining unauthorized access to protected computers to obtain information, illegally selling an interception device, and illegally advertising an interception device.
They are facing up to 20 years in prison.
More information: https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales
Namecheap is currently experiencing a rather significant DDoS attack.
This attack is not impacting their products. It is affecting their primary domain and customer support.
"The Lockbit builder you have archived is corrupt. Does the .exe work on Android?"
We have begun archiving SEC Form 8K filings related to cyber-crime.
Archives are from the SECurityTr8Ker feed.
https://vx-underground.org/Archive/SEC%20Form%208K
Chainalysis' report indicates ransomware *payments exceeded $1,100,000,000 in 2023.
*Payments which are confirmed to be attributed to ransomware attacks, more attacks may not have been identified
More information: https://www.chainalysis.com/blog/ransomware-2024/
Today James Forshaw (tiraniddo) did a quick assessment on the new Windows 11 Sudo.exe.
Despite his quick assessment, the blog post is wonderful. It is an excellent read. We recommend it :)
tl;dr fancier ShellExecute 😭
https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html
Problem has been resolved. Please continue downloading malware.
Some nerd is visiting vx-underground, with a wilderness background, to bamboozle us into believing they're outside.
We should have known Apple Vision Pro nerds wouldn't go outside 😡
We've updated the vx-underground Malware Analysis collection. We've added 86 new papers.
Thanks to our friends over at @malpedia for helping us stay up-to-date every month.
Check it out here: https://vx-underground.org/Papers/Malware%20Defense/Malware%20Analysis
ALPHV ransomware group has taken credit for attacks on critical infrastructure in the United States and Spain
- 2023-12-18 - Lower Valley Energy, an electricity provider in the United States
- 2024-02-12 - Sercide, an electricity provider in Spain
We are deeply saddened to share that all of the Twitter bots and/or spam accounts sharing pseudo-pornography in their Twitter bio do NOT deliver malware :(
It just does a bunch of dumb redirects and eventually drops you off on some fake looking dating site
Dudes ransomed a small family owned bakery 😭
Ransoming their way to $50 and a bag of freshly baked cookies
CrowdStrike placed an ad in the Super Bowl.
We're not up to date with the current Threat Actor lore with them, but it appears as if one of the individuals in the commercial is the infamous Scattered Spider (the tall one with the curly blonde hair)
We've updated the vx-underground Windows malware paper collection
- 2021-07-23 - Modifying MS Office security warnings
- 2024-02-06 - Exploiting a vulnerable Minifilter driver to create a process killer
- 2024-02-08 - Deep Dive Into Exploiting Windows Thread Pools
October 24th, 2022 an account on Doxbin operating under the alias "pedohunters" released a lengthy article on an individual operating under the alias "Rabid" a/k/a "Rabid7997".
February 8th, 2024 the identity of "Rabid" was confirmed - the United States Department of Justice arrested Richard Anthony Reyna Densmore of Kaleva, Michigan.
The United States Department of Justice unveiled details of this individual's sadism - he forced children to perform acts of self-harm on Discord for sexual gratification.
Due to the severity of his crimes he is currently facing life in prison.
More information: https://www.justice.gov/usao-wdmi/pr/2024_0208_R_Densmore_Indictment
We've updated the vx-underground Windows malware paper collection
- 2019-02-15 - Understanding Windows x64 ASM
- 2023-12-31 - Compression using undocumented RDP APIs
- 2024-02-08 - Disabling System Event Logs with IDataCollectorSet
https://vx-underground.org/Papers/Windows
We've uploaded more malware samples to vx-underground.
InTheWild && Bazaar && VirusSign
It is over 100,000 new samples.
Please download them, they're very lonely and scared.
We've updated our Windows malware paper collection
- 2023-11-22 - ETW internals for security research & forensics
- 2024-02-08 - Bypassing ApplyOnce limitation in GPO with key removal
- 2024-02-08 - Executing CSharp Assemblies from C code
- 2024-02-09 - Sudo On Windows
The new Windows 11 sudo.exe is displaying something strange in IDA 🤔🤔🤔 what could it mean
Hello,
As is tradition, we accidentally did an oopsie. Our search function is botched and downloads on files aren't working. We pushed some code to prod without actually testing if the file download part worked.
Testing code before pushing to prod is for nerds
Thanks,
We apologize if you visit vx-underground and you're greeted with a Cloudflare waiting room (queue system).
We've been getting DDoS'd for the past 7 hours+, the longest we've ever been DDoS'd
tl;dr toothbrushes all across the globe have begun attacking us
If you don't have a Valentine for Valentine's Day, we'll be your Valentine.
We have conducted the largest DDoS attack in history. We are sending 572^265 TiBs/second using 3 hamsters and an old soggy toothbrush we found on the side of the road
(Toothbrush not pictured)