vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

14367

The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh


vx-underground

Microsoft has announced their plan to retire WMIC. It will be replaced with an alternative in Powershell.

WMI will still be accessible with COM API

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/wmi-command-line-wmic-utility-deprecation-next-steps/ba-p/4039242


vx-underground

We've updated the vx-underground MacOS malware paper collection

- 2020-03-28 - Learn XPC exploitation - Part 1 - Broken cryptography
- 2020-04-23 - Learn XPC exploitation - Part 2 - Say no to the PID
- 2020-06-29 - Learn XPC exploitation - Part 3 - Code injections


vx-underground

We out here cloning harddrives


vx-underground

random_phisher requested we do a second interview with the SIM swapper we met.

He told us about the struggles of hacking, his communications with Morpheus, and his problem with women


vx-underground

January 11th, the United States Department of Justice announced the indictment of a United States SIM swapper named Noah Urban ...

a/k/a “Sosa”
a/k/a “Elijah”
a/k/a “King Bob”

He is accused of $800,000 of theft via SIM swapping

https://www.justice.gov/usao-mdfl/pr/palm-coast-man-arrested-wire-fraud-and-aggravated-identity-theft-charges


vx-underground

Today Hewlett-Packard disclosed to the SEC that they were compromised by APT29 a/k/a/ Cozy Bear a/k/a/ Midnight Blizzard

Information via pancak3lullz

More information: https://www.sec.gov/ix?doc=/Archives/edgar/data/1645590/000164559024000009/hpe-20240119.htm


vx-underground

We've received a few notifications today regarding the "Mother of all Breaches" - which allegedly contains 26,000,000,000 creds and information from people all across the globe

This is simply a compilation of breaches and scrapes rolled into 1. It isn't anything new or crazy

¯\_(ツ)_/¯


vx-underground

We continue to see a significant rise in cryptodrainers, especially DaaS (Drainer as a Service), and the now competing DaaS groups such as Angel Drainer and Lethal Drainer.

These groups are bringing in big money and are beginning to bleed into the malware-space


vx-underground

Today CourtWatch discovered that the United States has officially charged Chouby Charleron a/k/a/ "The Real Jewt King" of running a 'TLO' service.

TLOxp is a service offered for debt collectors, employers, and law enforcement officers to perform background checks on individuals.

Chouby Charleron is alleged to have operated a TLO service from 2020 to 2023. Interestingly, Chouby Charleron's charges did not originate from the FBI. They originated from the United States Postal Service (USPS) - more specifically a Postal Inspector part of the United States Postal Inspector Service (USPIS).

Authorities allege Chouby Charleron's service resulted in doxxing campaigns, and social engineering campaigns used for fraud or extortion.

He is currently being charged for Conspiracy to Commit Wire Fraud which is punishable by a max of 20 years in prison and/or a $250,000 fine.


vx-underground

We interviewed a Sim Swapper today.


vx-underground

The fastest way to learn in any computer related subject is to go to a chatroom on the topic (preferably an IRC chat) and say something blatantly wrong.

You'll receive essentially a free course on the subject as long as you keep saying wrong things


vx-underground

We've had many people ask us how we become acquainted with cyber criminals. The answer is very simple. We approach them and use their own slang to initiate a conversation.

See attached video for a demonstration.


vx-underground

Update: used it to buy Qdoba. Ate like royalty


vx-underground

We've updated the vx-underground MacOS VX paper collection.

This is a pretty rare update, due partially to scarcity of resources, partially to our ignorance.

Have a nice day.

https://vx-underground.org/Papers/Other/MacOS%20VX


vx-underground

Today we spoke with individuals from the US Eastern District Court of Virginia. We requested information from the Clerk's office on the official sentencing of Mr. Conor Fitzpatrick, the previous administrator of BreachedForum.

He was sentenced to 20 years supervised release


vx-underground

Taking a break from work to play some video games with friends


vx-underground

Hi,

Harddrive orders 1659, 1660, 1661, 1663, 1664, 1666, 1670, 1671, 1688 were mailed last week.

Harddrives 1696, 1699, 1704, 1704, and 1705 are cloned and ready to be shipped

Harddrives 1707, 1711, 1712, 1715, 1718, 1727, 1729, 1732, 1734, and 1747 are in queue to be cloned


vx-underground

We're in the process of uploading an additional 125,000 malware samples to vx-underground and the VXDB.

Hope everyone has had a good week thus far.

Love you


vx-underground

We are approaching 300,000 followers on Twitter, so we decided to consult with a psychic cat to determine our fate

Yes, your donation money funded this


vx-underground

January 12th, Microsoft discloses that they were compromised by APT29 a/k/a/ Midnight Blizzard and state the group got access to emails for corporate leadership, cyber security personnel, and legal.

January 24th, Hewlett-Packard discloses that they were compromised by APT29 a/k/a/ Midnight Blizzard and state the group got access to emails for cyber security personnel, 'go-to-market', business segments (?), and more

Microsoft believes they were compromised roughly November, 2023

Hewlett-Packard believes they were compromised roughly May, 2023

Coincidence? ¯\_(ツ)_/¯


vx-underground

Users are reporting they received an e-mail today from Trezor which states they must upgrade their account or else all of their funds will be lost

However, the e-mail received to upgrade redirects to a fake domain 'suite-app-trezor'

tl;dr big drainer move


vx-underground

We've updated the vx-underground Windows malware paper collection

- 2024-01-23 - Windows Event Log service DoS
- 2024-01-06 - A little known secret of fondue dot exe
- 2023-12-27 - A little known secret of regsvr32exe
- 2023-12-26 - A little known secret of runonceexe

🫡🫡🫡


vx-underground

January 16th an individual operating under the alias 'Emo' posted over 15,000,000 unique entries from Trello online.

According to HaveIBeenPwned it is believed the individual programmatically scraped the site using previously disclosed e-mails to aggregate data on individuals.


vx-underground

We are super excited that we have another sponsor. Our friends over at HudsonRock are now an official sponsor of vx-underground 🙏

They collect absurd quantities of data stealers logs, helping companies protect themselves from you degenerates

Thank you, Hudson Rock


vx-underground

Valentine's Day is approaching very quickly.

Gift your significant other something special this year. Grab an old motherboard, cover it in melted chocolate, and present it on a nice plate.

They'll love you forever


vx-underground

Lockbit ransomware group has posted Subway to their website.

This is sad. They have some good sandwiches


vx-underground

We're in the process of uploading an additional 20,000 new malware samples to vx-underground and the VXDB.

Thank you to our friends at virussign for giving us the hook up 🙏


vx-underground

A while back, we had one of our backend devs work on the frontend. This is as far as they got


vx-underground

He will not be going to prison. That is a profoundly kind sentence from the Honorable Judge Brinkema.

More details will be present on PACER on Monday, or Tuesday, when the Court Deputy enters the information into their system


vx-underground

Palo Alto Unit42 is currently seeking an intern. We agreed to share that on the condition money was given for pizza. Unironically, money was indeed sent for pizza.

Anyway, here's the intern stuff if you're interested

https://app.ripplematch.com/v2/public/job/791cfa0c/details
