14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Ubisoft has begun revoking the ability for people to play "The Crew" because they're shutting the servers down at the end of April.
The Crew has an offline single player option.
When people try to launch the game they're greeted with "You no longer have access to this game".
Today we spoke with RansomHub ransomware group.
Their representative immediately wanted to dispel any rumors of them being a potential rebrand of ALPHV ransomware group – they assert they're victims of the ALPHV exit scam. They appear to be hyper-aware of these allegations, suggesting they're (probably) on social media and actively monitoring discussions regarding their group.
Additionally, they shared with us various documents which illustrate possession of sensitive data from the United Healthcare Group breach.
* We are unable to verify the authenticity of these documents. However, we do not question the validity of the documents shown. We believe the data to be real.
* There is currently no concrete evidence to suggest RansomHub is a rebrand of ALPHV. Currently accusations of them being a rebrand primarily revolve around the time of their initial launch and 'gut feelings'. To the best of our knowledge there is not any other publicly available information which proves beyond a reasonable doubt this is ALPHV.
* No RansomHub ransomware group payload has surfaced online. We do believe it exists. They are either undiscovered or labeled TLP:RED and are not shared publicly. Some reports suggest the payload is written in Go, but no IOCs were shared.
* RansomHub would not share a malware sample with us. RansomHub would not provide us with photos or access to their ransomware affiliate panel. RansomHub told us they're currently re-developing (?) their ransomware payload.
The spam bots are recursively replying to each other because their spam messages contain key words other spam bots use
tl;dr spam inception
https://twitter.com/rosenwells/status/1778809976930115626
> Elon Musk vows to crack down on porn spam
> record scratch
> window breaking noise
> Stone Cold Steve Austin music plays
Unbelievably, upon review, we realized we have crossed off ALMOST our entire to-do list. It only took 4 years and 11 months.
- 36,000,000+- malware samples
- 19,852 papers
- 38,793 APT papers and/or samples
- 3,206 malware sources
- VXDB developed and implemented
Today we learned Hatching Triage introduced Android sandboxing for Android malware... 4 years ago.
We never sync'd Android malware because we didn't know that functionality existed in Triage 😂😂😂
"Have you ever accidentally detonated malware on your main machine?"
Yes, and it was like this
Fighting the temptation to keep meme-ing universities with free Robux malspam
Читать полностью…
Some people thought the Robux thing we tweeted was an actual way to get Robux for free 😭😭😭😭
You're now banned from the internet. Forever.
Shoutout to the homies at Harvard for the free Robux. Coming in clutch to help us get some new drip
Читать полностью…
Shoutout to the homies at Stanford for helping us get free Robux 🙏🙏🙏
Читать полностью…
tl;dr if your company has allegedly been compromised, do not start banning, or timing out people, who are asking questions about it. It only fuels the fire and makes the questioning and rumors more ferocious.
Читать полностью…
> login to twitter
> check recommended news
> twitter recommends us to us
Hello, how are you?
Harddrives are back in stock. Merch store is back open for a limited time.
https://www.vx-underwear.org/
We did a spam test on Twitter. We got 21 spam replies in 30 seconds. It keeps climbing.
https://twitter.com/vxunderground/status/1778807528417116177
> wake up
> check news
> 0day exploited in the wild
> scroll down
> police offices being ransomed
> ransom group threatening to leak data on rape victims
> scroll down
> "nudes in bio"
Happy Friday.
We've also distributed complete copies of our collection to people all across to globe. In the event that every single person with access to vx-underground dies in a horrific airplane crash – someone will be able to continue our legacy.
Cheers
We've updated the vx-underground Windows and Linux malware paper collection.
Goodnight (or good morning?)
See full list of additions here: https://vx-underground.org/Update%20Notes
Google has announced 'Chrome Enterprise' with two tiers available: Core and Premium.
It will allow administrators to control functionality of the browser and have enhanced security controls. See attached image for more details.
No seriously, it's real
https://play.google.com/store/apps/details?id=ai.bebra.android.client
Shoutout to the homies at University of Virginia for the free Robux.
They also helped find viruses on our computer. They said they'll fix it if we call +1-877-339-0559
Blessed 😭🙏
We expect Harvard and Stanford to give us PhDs in Computer Science for our thesis on free robux
Читать полностью…
Unrelated to malware, but potentially relevant to people who go outside
Читать полностью…
Good morning, afternoon, or night.
Today we mailed out the remaining vx-underground collection harddrives. It was sent to 6 people.
To those people: during packaging we discovered some sort of mysterious goo on the harddrive boxes. We do not know what it is. It is mysterious.
Sugargoo, a competitor to PandaBuy, has allegedly been compromised. Individuals operating under the monikers "IntelBroker" and "Sanggiero" are claiming responsibility for the breach.
- The data they claim to have exfiltrated is primarily user activity and settings. However, the data does include the users email address. The data stolen is not nearly as severe as the PandaBuy breach
- The data has not been made public. The individuals responsible for the breach are trying to sell the data.
- IntelBroker and Sanggiero are the same individuals who compromised PandaBuy
- In a twist of fate, the breach was mostly unnoticed until Sugargoo administrators began timing-out people from their Discord who questioned staff members on the breach. This resulted in more people discussing the issue.
Thank you, Faderz for sharing the screenshot with us as proof.