14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
In 2023 Caesars was compromised and ransomed by ALPHV ransomware group
Their executives are probably afraid of the H word
Accidentally compressed 50,000+ malware samples with the password 'infecyed'.
Читать полностью…
We've got 21,000+ malware samples in queue, 8 more harddrives to clone, 50+ malware development papers to add, 200+ malware reverse engineering papers to add, and a bunch of cat gifs
Читать полностью…
1. AnyDesk compromised. BleepinComputer confirmed with AnyDesk that source code and private code signing keys were stolen
2. Google search is removing cache links :(
3. Serial swatter Torswats arrested
4. CyberAv3ngers is tied to the Iranian government
Today it was announced by authorities in Georgia that a murder suspect was accidentally released from Clayton County Jail following a 'cyber security incident' which resulted in 'widespread system outage'
tl;dr ransomware freed a suspected murderer
https://whee.net/2024/02/01/murder-suspect-mistakenly-released-from-jail-after-cybersecurity-incident/
Accidentally ran two instances of Microsoft Teams at once
Читать полностью…
Free Joey D! He didn't do anything wrong!
*Joey is serving 30 years in a maximum security prison for shooting, and nearly killing, 3 people during a drug deal gone bad
Additionally, it should be stated that this pseudo-ruleset applies to educational institutions as well. We are aware of several instances where affiliates ransomed public education facilities (K-12 schools).
When we bring up the fact these are state-funded educational facilities and have no money, they do not believe us or they assert that they do have money because the facility owns computers.
"If they money for computers, they have money to pay me"
Thank you to Hannah Montana Linux for letting us know our license key has expired.
Читать полностью…
You're all so goofy, it's unbelievable.
You've all been reported to the cyber police and it WILL be backtraced!!!!111
Valentines day came early for us.
We are absolutely flattered one of you would hand craft a phishing e-mail specifically targeting us.
The small vx-underground favicon was a nice touch too. However, we don't have a support center, or webmail through vx-underground
7/10
We have some updates on vx-underground staff member Toast. He is in a box.
Additionally, we have a new member named Flame. He is not on fire.
vx-underground staff member Flame is hard at work uploading malware samples.
He is not on fire.
We've updated the VXUG malware families collection
- AkiraRansomware
- BottomLoader
- DLRAT
- GoTitan
- GraphicalProton
- GuLoader
- HazyLoader
- LitterDrifter
- NineRAT
- PlugX
- RedLine
- RhadamanthysLoader
- RhysidaRansomware
- RisePro
- VettaLoader
https://vx-underground.org/Samples/Families
10/10 email. Thank you to the author of this email. This is masterful satire.
If it is not satire, we are very sorry Mr. Williams (retired, not expired)
Today CloudFlare reported that they had been compromised on Thanksgiving, 2023. They state that the Threat Actor got access via Okta, which was compromised in October, 2023
This is the 2nd time CloudFlare was compromised through Okta
No data was stolen
https://blog.cloudflare.com/thanksgiving-2023-security-incident
we are trying to sleep.
everytime we check twitter we see more arrests or high profile breaches
everyone just clam down for a second ok
ok ttyl
If you're interested in keeping up with ransomware attacks and/or ransomware victims, a group of researchers have ported the vx-underground ransomware news bot over to Telegram
tl;dr monitors ransomware group sites near-in-real-time for latest listings
/channel/RansomwareNewsVX
The United States Department of Justice has been arresting and/or indicting individuals involved in cyber criminals left-and-right.
They've indicted 8 individuals within the past 2 weeks.
Individuals arrested and/or indicted:
- "R" a/k/a "R$" a/k/a "ElSwapo1"
- "Em"
- "Carti" a/k/a/ "Punslayer"
- "Snoopy"
- "TheMFNPlug"
- "Joey"
- "Sosa" a/k/a "Elijah" a/k/a "King Bob"
- "The Real Jewt King"
NOTE: Reposted, phrasing improved
We met a wonderful man on Telegram yesterday. He currently resides in a level 5 maximum security prison. He is serving 30 years in prison.
His associate smuggled a cell phone into prison, presumably through his anus, so they could do things on the internet.
Very cool 👍
In the past we've tried to prevent Lockbit ransomware group from attacking healthcare facilities and non-profit institutions. We have never had success.
The reason why derives from either ignorance on their end (intentional, or not, it's up to your interpretation), and ambiguity of their ruleset from affiliates.
Recently Lockbit ransomware group attacked a non-profit healthcare institute in Chicago. The facility is Saint Anthony Hospital. The facility clearly states they're a non-profit and religious institution. Attacking this facility is a blatant violation of the Lockbit ruleset which is defined by their administrative staff.
However, when we approached the Lockbit administration we received a reply with a link to the organizations financial disclosures. Lockbit ransomware group believes that a non-profit institution in the United States means employees are not paid and the organization quite literally has no money.
In other words, they will not ransom a company if they quite literally have no money.
If you attempt to educate and present information to Lockbit administrative staff on non-profit institution laws in the United States they will state the organization is corrupt and they will imply (directly or indirectly) it is a money laundering operation and the facility is dirty and deserves to be ransomed.
In summary: the rules are a facade
We've added a new linux malware paper. Yes, they exist.
2024-01-30 - Implementing Remote Persistent Keylogger Executing in User-Space exploiting Utilities in GNU Linux Operating Systems
It is a lengthy paper title.
Check it out here: https://vx-underground.org/Papers/Linux/Persistence
Today the United States Department of Justice announced the arrest of two individuals tied to compromising a Fantasy Sports website and a betting website.
The individuals arrested were Nathan Austad a/k/a "Snoopy" and Kamerin Stokes a/k/a TheMFNPlug
More information: https://www.justice.gov/usao-sdny/pr/two-more-men-charged-hacking-fantasy-sports-and-betting-website
We received another handcrafted phishing e-mail!
The spoofed headers is cool, and the CloudFlare Ipfs is cute. Thank you, we appreciate it.
We feel so special, we are blushing.
Thank you, sweetie pie
🚨 BREAKING 🚨
Lockbit ransomware group confirms they have taken an L.
🙏🙏🙏🙏
We've updated the vx-underground malware families collection
- Ryuk
- IronWind
- Mirai
- Volgmer
- ShadowPad
- FabookieStealer
- KandyKorn
- SIGNBT
- SmokeLoader
- HijackLoader
- PhobosRansomware
- RedLine
- BiBiWiper
- IcedId
- PikaBot
- AkiraRansomware
Have a nice day.