14367
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Hello, how are you?
Unfortunately we've sold out on selling the complete vx-underground collection. We set a limit of 20 due to the work required to clone vx-underground 20 times.
When all 20 orders are completed we will re-stock another 20 harddrives.
Thanks,
Today DissentDoe reported that ALPHV ransomware group submitted an official SEC complaint against MeridianLink for them not disclosing the breach ... which was performed by ALPHV...
ALPHV shared the official SEC complaint with DissentDoe
More info: https://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/
We informed someone that the mountain of 10TB external harddrives in our possession will be loaded up with 30,000,000+ malware samples and mailed to various people across the planet.
They called us the Unibomber 😭
Hello, how are you?
In case you've missed it: we do all data pushes on Wednesday and Friday now. Today is our first official update Wednesday.
The landing page contains "2023-11-15 - Updates.txt". This will list all new additions.
Have a nice day. 🥰
https://www.vx-underground.org/
We are doing another series of book giveaways on Twitter.
https://twitter.com/vxunderground/status/1724092349238693921
Important updates:
1. We are establishing a 'schedule' to add some structure to our workflow (for the first time in 4+ years). Wednesday and Friday will be when updates are pushed to the website e.g. malware papers, archives, malware samples, etc. Monday, Tuesday, and Thursday will be dedicated to us aggregating content, posting nonsense, etc. Saturdays and Sundays we may or may not work, it depends entirely on our mood and what's happening.
2. Due to increased sponsorships, monthly donors, and people purchasing merchandise, we have successfully increased the volume of samples we are uploading to the VXDB. We are now aiming to upload 200,000+ malware samples a month.
3. We are still working on enhancing the website, making it scrapable, and allowing nerds to do mass downloads from the VXDB.
4. We are working on some limited edition merchandise for the holiday season for vx-underground. Additionally, all merchandise will be disconnected throughout the entire month of December.
5. We're going to be doing more giveaways this month. If you have a suggestion, let us know.
Have a nice day (night?). See you all tomorrow:)
Hello, how are you?
Due to increased sponsorships, donors, and nerds purchasing merchandise we are now increasing the volume of malware samples for nerds to reverse engineer, or build rules for, or something.
Have a nice day. Enjoy the rest of your weekend:)
Malware is like an old can of peas.
It's been on the shelf for 20 years and it's still good
Nerds think having Lamborghinis, 'Iced out' watches, and wearing Balenciaga makes them look wealthy.
Wrong.
Real wealth and power is skating on GPUs.
Questions we have been asked:
1. Will Boeing pay Lockbit ransomware group? No.
2. Was Lockbit responsible for the ransomware attack against ICBC? Yes
Source: Lockbit ransomware group administrative staff. They also want to explicitly state they are not Russian
Fellow nerd RicardoJoseRF implemented our recent tweets about different 'whoami' methods in C#.NET. We initially wrote them in C++.
It's cool seeing stuff in other languages =D
You're corrupting all of us UK_Daniel_Card & HackingLZ
Link: https://github.com/ricardojoserf/WhoamiAlternatives/
Fuck you, Telegram, for placing ads on our posts. It gives the illusion like we're shilling bullshit.
Fuck ads.
Per the request of many we are now selling physical copies of vx-underground.
- $500 (this includes shipping)
- Handwritten thank you letter
- 10TB Seagate external HDD
- Worldwide shipping
- Delivery times vary (location, queue, ???)
https://www.vx-underwear.org/products/vx-underground-collection-hdd
The big whoopsie has hit.
Earlier this morning nerds began informing us that equity traders were unable to place trades (or clear previous ones) through ICBC (Industrial and Commercial Bank of China).
An emergency notice was sent out stating:
"ICBC is currently unable to connect to DTCC/NSCC. This issue is impacting all of ICBC’s clearing customers, including [censored]. Because of this, [censored] is temporarily suspending all inbound FIX connections and not accepting orders at this time. We are in close touch with ICBC and will advise as soon as the issue is resolved. We are exploring all avenues to clear all 11/8 trades and will provide updates as they become available."
It was speculated that it was ransomware, however it was not confirmed and it was just rumors. If it was a technical issue it is bad. But, now that we know it is ransomware, it is much worse.
More information: https://www.ft.com/content/8dd2446b-c8da-4854-9edc-bf841069ccb8
Behold! 19,999,999 malware samples in the VXDB!
*Upload is async so it's not in order
We will be removing the 'ARREST WAZWAKA' t-shirt from the vx-underground store soon. The shirt was created and released as a meme and it no longer serves a purpose for being on our shop.
If you'd like to buy the silly shirt, do it before we nuke it December 1st, 2023.
We have had 8 people purchase the complete vx-underground collection - an external harddrive featuring everything we currently have in our collection.
Beside a handwritten thank you letter, it will feature a giant warning label somewhere on it.
If you mount this drive on Windows ... DISABLE ALL ANTI-VIRUS SOFTWARE. Windows Defender and/or your AV will 100% go ballistic. It will automatically detect upwards of 30,000,000+ malware samples it believes to be present on your machine.
Your OS WILL BSOD. No AV is designed to list and/or quarantine 30,000,000+ files.
You've been warned. Please be careful.
As vx-underground grows in size and reaches more and more non-nerds, we continue to receive e-mails like this
Читать полностью…
Today we received a notification from an individual who wished to remain anonymous.
They informed us that their jobs training for new employees, which derives from IANS, features vx-underground
tl;dr we have infiltrated the non-nerds using malware and edgy pictures
tl;dr schedule for adding stuff, more malware samples, still working on website, holiday merch and holiday sales, more giveaways
Читать полностью…
An unknown Threat Actor(s) claim to have compromised Coin Cloud.
They allege to have exfiltrated 70,000 customer selfies (via ATM cameras), and 300,000 customers PII which includes Social Security Number, Date of Birth, First Name, Last Name, e-mail address, Telephone Number, Current Occupation, Physical Address, and more. They allege to have data for individuals residing in the United States as well as Brazil.
They also claim to have stolen the source code to the entire backend of Coin Cloud.
Coin Cloud filed for Chapter 11 Bankruptcy in February, 2023.
Company executives when they're asked if they've been compromised
Читать полностью…
Bloomberg released a news article regarding the attack on ICBC. In the article it states: "A representative for the gang confirmed on Friday that the group was behind the ICBC attack".
Confirmed to who? :)
Why'd you skip us, but mention Trusec, Analyst1 and CyberSheath?
Butte School Districts shuts down computer network after system compromised.
Furthermore, as demonstrated in the image used by the news station, user xdolence tried using the ls command on Windows 😭
Correction made: it was $30,000,000 - blockchain nerds believe it is tied to APT Lazarus Group (North Korean government).
Читать полностью…
November 10th, 2023 at approx. 6:35AM EST Poloniex cryptoexchange was 'drained' of over $30,000,000...
Information via AlvieriD- correction of sum by lcfr_eth
*Initial sum was $137,000, was off by $29,863,000 :)
Whoopsie proof: https://etherscan.io/address/0xa910f92acdaf488fa6ef02174fb86208ad7722ba
Whats included?
- 37,745 APT papers and samples
- 7,147 archived materials (papers, old software, malware builders)
- 11,460 malware papers
- 36,000,000+ malware samples (5.06TB)
- 3,197 malware source code(s) file(s)
CheckPoint Harmony EDR/XDR Agent 87.60.0273 for Windows, MacOS, and Linux leaked online today.
Leaker allegedly established a fake company to purchase the software ¯\_(ツ)_/¯
Our account through Donorbox has been suspended citing that they believe we have violated their policy. We have not.
We have used DonorBox for several years now with no issue.
Without their services we will no longer be able to accept donations and survive:(