The largest collection of malware source, samples, and papers on the internet.
Password: infected
Website: https://www.vx-underground.org/
vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
There are more animes than stars in the observable universe and you nerds want to watch all of them
20 8TB external harddrives.
These will be cloned with 5.22TB of malware and mailed to nerds.
Please pray for any inspector who decides to mount these on a Windows machine to inspect them 🙏
Hello, it is update Wednesday!
But, we are enjoying a pause on vx-underground stuff for American Thanksgiving break. No updates will be pushed to vx-underground today or Friday.
Red Team Ops I: https://training.zeropointsecurity.co.uk/courses/red-team-ops
Red Team Ops II: https://training.zeropointsecurity.co.uk/courses/red-team-ops-ii
Students (ages 13+), we have some really exciting news for you all.
We are blessed with the opportunity to grant one of you a gift that will fast track your career in Red Teaming. We hope this gift will give a voice to someone voiceless.
Stay tuned.
Dear nerds who purchased the complete vx-underground HDD collection,
We have cloned 8 HDDs. 12 are remaining prior to shipment. We receive our next remaining harddrives Wednesday, November 22nd. Once those are completed we will be shipping them out.
Dear nerds who keep asking if they can buy the HDD collection,
We will begin selling HDDs again sometime in December.
Tired of seeing nerds arguing about C2's? Next time use some C4. EDR's struggle against C4
You may not like it, but this is what social engineering looks like
First and foremost - our post on Google restricting adblocking plugins exploded. It's obvious nerds have united for their hatred for online advertisements.
Secondly, when we shared news on Google Chrome's MV3 (Manifest Version 3) restricting ad-blocking capabilities for plugins such as uBlock Origin we were inundated with articles from Firefox.
1. In early 2023 Firefox stated they intend on allowing ad-blocking plugins to work exactly the same despite moving to MV3 themselves. uBlock Origin will operate the exact same as it always has on MV3 (unsurprisingly).
2. Brave browser announced yesterday that they are migrating to MV3 as well. However, they also state that they will allow adblocking plugins to work as intended so there will be no restrictions in their functionality.
Brave's official announcement: https://twitter.com/brave/status/1725622768262128006
iOS malware samples are extraordinarily difficult to find both in the wild and online. Thanks to Kaspersky for sharing the samples. 🙏
tl;dr time to purchase NordVPN to remove Windows features 😎
Our website is a collection of digital nukes designed to destroy pawnshop computers 😭😭😭
Google confirms they will disable uBlock Origin in Chrome in 2024
More information: https://www.reddit.com/r/uBlockOrigin/comments/17wu2gz/google_confirms_they_will_disable_ublock_origin/
Yes, we are aware there has been some interesting ransomware activity the past couple of days and more internet nerd drama.
We're on vacation, we'll talk about it next week, or something, whatever.
tl;dr ALPHV ransomware group ransoms big financial place, bad mouths Mandiant
Students,
We are working to secure another educational course giveaway with a different accredited institution. This course will focus primarily on reverse engineering and malware analysis.
More details will be released as we approach Christmas.
Have a nice day.
Haha but fo'real though. If you're running Windows please proceed with caution, if Windows Defender or an AV is enabled - your computer will implode like a dying star.
Lockbit ransomware group has ransomed... a small local bar with like... 5 employees? 😭😭
What are they going to steal? $15 and their winter coupon menu?
We have received over 100 e-mails in less than 12 hours of our Red Team Ops I and Red Team Ops II giveaway.
Some of you have sent truly heartwarming and compelling e-mails. Some of you are unimaginably lazy, writing 3 sentence e-mails, really?
Hello, how are you? This will be a long post. Please read carefully. Please review the subsequent post following this to see information on the course.
This is our largest giveaway ever. This ONLY applies to students formally enrolled in a school, college, university, technical institute, or trade school. The minimum age of entry is 13 years old. There is no maximum age limit.
We are gifting a Red Team course: Red Team Ops I and Red Team Ops II from Zero Point Security. This is an extremely lengthy course - 257 lessons which will allow you to establish a solid foundation in offensive security. This gift includes:
- Red Team Ops I (177 lessons)
- Red Team Ops II (80 lessons)
- 180 days of lab access
- The Red Team Ops exam which is rewarded with a badge upon successful completion
This complete course costs $1,185. We hope this will give someone the chance to accelerate their career and receive a formal education in offensive security they otherwise couldn't afford.
How to apply:
1. You MUST prove you're a student. You must supply us with a student photo ID, student e-mail (if applicable, some schools do not provide a student e-mail), and any other material you possess to prove you're a student. Inability to prove you're a student will immediately disqualify you. No country is exempt from this giveaway.
2. Write us an e-mail at staff@vx-underground.org with the subject titled: "Red Team Ops opportunity". In this e-mail provide a brief introduction to who you are, why you would like this course, and how you intend to use this course to further expand your education and your career, and any other additional information to compel us to select you. If we suspect you're using ChatGPT we will orbital nuke you off of this planet.
3. The submission deadline is December 31, 2023. We will review all submissions and a winner will be chosen February 1, 2024. We will announce the winner on Twitter and Telegram (their PII will not be displayed, only an alias) and they will be contacted via e-mail. The winner will have 5 days to confirm they've received the e-mail and acknowledge they've won. Failure to reply in 5 days will result in a different winner being selected. Pay attention!
4. The winner will be provided with additional details on how to redeem the course and begin their educational course when they believe they're free to begin.
This giveaway wouldn't be possible without our friend RastaMouse. He is an incredibly kind person and we are grateful he was able to hook us up with this to gift it to someone else. We hope this gift will give someone a chance to accelerate their career and do something they believe they might not have had the chance to do.
Good luck to everyone who chooses to submit an entry. Have a nice day.
Hello,
We are aware a Threat Actor is framing us with the name "Vx-underground ransomware".
1. We are not Threat Actors
2. It is insulting that you'd think we'd stoop so low as to use Phobos
Really? Phobos? Why would anyone use that hunk-of-junk?
Starting 2025 EDR's come with a bomb disposal specialist
December 4th, 2023 we will be doing one of the largest giveaways we've ever done! =D
It is very exciting
November 15th, 2023 the United States FCC (Federal Communications Commission) adopted new rules and regulations to prevent SIM Swapping. The document was released publicly November 16th, 2023.
It is a long and lengthy report from the FCC, in collaboration with various United States-based mobile communication providers (primarily AT&T, Verizon, T-Mobile, Tracfone, and US Mobile). It is 98 pages.
The report documents new requirements by the United States government to combat SIM swapping, as well as complaints and feedback from mobile communication providers and security researchers (mainly from Princeton University).
The document also very politely calls mobile communication vendors dummies.
The super-super-super tl;dr:
- Account biographical information (payment history, call history) is no longer a valid form of authentication
- All SIM changes must notify the customer of the change prior to the SIM change being completed (presumably via SMS or phone call, unless in person?).
- All providers must offer SIM locking features.
- All customer support representatives must undergo additional training to combat fraud
- All vendors must record SIM changes and store all information on it for at minimum 3 years.
We probably missed other important parts, but this document is really boring and painful to read.
You can read the full document here: https://docs.fcc.gov/public/attachments/FCC-23-95A1.pdf
In the past 30 days vx-underground has delivered roughly 37TB of data.
Interestingly, a majority of this data is not from malware samples. It is from papers.
tl;dr nerds REALLY like reading malware papers
Hi
We're doing our weekly Friday update to vx-underground. We've added a bunch of papers. However, more interestingly we've added samples for Operation Triangulation - iOS APT spyware designed for espionage against Russian elites.
List of updates: https://samples.vx-underground.org/root/2023-11-17%20-%20Update.txt
To comply with the EEA's (European Economic Area) Digital Markets Act (DMA) Windows 11 will allow users to uninstall Microsoft Edge, disable Bing in Windows Search, turn off Microsoft News Feed, and remove ads from the Widgets board.
This only applies to the following countries
To be more specific and to avoid confusion (as it probably will), Google Chrome is transitioning to MV3 (Manifest Version 3) which alleges to "improve content filtering support" for the Declarative Net Request API which is used by many ad blocking plugins (and many, many other Chrome plugins). Google states these changes are for API security concerns. Many plugin developers (uBlock included) expressed concern that this move from MV2 to MV3 will render their plugins useless (or non-functional). Despite this feedback, Google has stated they will move forward regardless.
Some speculate this is an intentional move by Google due to suspected loss of ad-revenue.
We don't know.
The EFF (Electronic Frontier Foundation) stated they believe MV3 puts unnecessary restrictions on developers; individuals from AdGuard believe this to be a positive change.
uBlock Origin is prepared for MV3 with uBlock Lite, however this version is limited in its functionality (so we're told).
YouTuber SomeOrdinaryGamers purchased a copy of the vx-underground collection.
If you're curious how non-nerds perceive malware or vx-underground - read the comments. It's ... something...
¯\_(ツ)_/¯
https://twitter.com/OrdinaryGamers/status/1724937536500277301