14365
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Gone for the day and return to see the United States government doing schizo Boomer Facebook posting
Читать полностью…
Hello,
"Sean" has informed us that, somewhere in the midst of our kitty cat collection, is a photo of a cute doggie making homophobic remarks.
This is terrible news. The entire collection is contaminated.
Hello,
We see from our torrents that an absolutely colossal amount of people are downloading AND seeding our kitty cat picture collection
What the fuck lol
Spent a long time making sure this torrent was good, TorGuard could seed it for us, and fixing our melted infra.
You nerds better download these cat pictures.
Hello to the Threat Actor who compromised the Parliament of the Republic of South Africa Xitter account and gave us a shoutout... kind of?
They live streamed homosexual pornography and left the vx-underground Xitter tab open.
🥴🥴
The attached images is from a 1988 malware analysis report from AT&T Bell Labs. The report does a high-level overview of a viral infector targeting UNIX operating systems.
Читать полностью…
We've got lots of stuff to add to vx-underground. We've re-prioritized — unironically highest priority is creating kitty cat 7z torrent.
Читать полностью…
We'll be making a torrent.
This was a joke file — we didn't anticipate literally thousands, upon thousands, of people to actually want to download 110,000+ photos of kitty cats. This was our most popular file ever downloaded, ever. It destroyed our infrastructure.
This collection is from various scraping we've done. Some of the images are doggies, horsies, a few silly pictures of human babies being babies, some other cute animals like foxes and rabbits.
99% are kitty cats
Per request of like, a dozen people, in roughly 90 minutes we will be releasing something super cool (unless you dislike kitty cat pictures).
Un momento, señor y señora.
Scott Presler, American conservative political activist, shared details today on social media regarding unusual activity on his Xitter account.
What could it mean?
American social media and politics is absolutely amazing and is x10 better than any other country.
Two dorks got into a Twitter argument over tariff impact on clothing and have mutually agreed to settle there differences with physical violence.
America 🤝 Violence
After the FBI and NCA UK took down Lockbit ransomware group servers, arrested their lead developer, sanctioned the group, and listed the "leader" of the group on the FBI's Most Wanted, we assumed Lockbit ransomware group would either rebrand or die.
Well, they died for a little. But we are beginning to see signs of Lockbit ransomware group again. The past few weeks we have seen more and more reports surface of their attacks. Although they are no longer near where they used to be (30+ ransoms a day), the fact they're making a comeback is both impressive and scary.
Lockbit ransomware group is like a cockroach. He is immune to virtually everything — we thought he was dead, but he is alive still.
Also, unrelated to Gronk, we've updated vx-underground. We've added InTheWild 140 - 151. This is 275,000 new malware samples.
Additionally, we've updated TheOldNewThing archive for January, February, and March.
Large paper tsunami coming today.
Cheers,
Hello,
Tomorrow we have a large update coming. Unsurprisingly, it is the same ol', same ol'. It is malware source code, samples, and papers.
-smelly smellington
P.S. glad so many of you liked the kitty cat collection. It's fun doing goofy stuff on the internet
Thank you, B F R e p o V 3 F i l e s, for sharing the cat picture collection. Not sure if you'd like to label it a breach, but we'll take it.
¯\_(ツ)_/¯
YOU'RE ALL TRYING TO PULL THE WRONG TORRENT
🗣REDOWNLOAD THE TORRENT WITH SEED
In these trying times the one thing which remains constant is the value of kitty cat pictures.
Please take a copy of our kitty cat picture collection. It is 159.9GB (111,429 files) of kitty cat pictures (a torrent!)
Economic problems 🤝Kitty cats
https://vx-underground.org/Torrents
Updates to the Malware Builder collection via Cryakl (may include subvariants)
-A7m3dRat
-CraxsRat
-Gh0stCringe
-HadesRat
-KazyBot
-Nbclass
-PhoenixKeylogger
-PurpleFox
https://vx-underground.org/Builders
APT samples and papers:
2024.10.24 - Operation Cobalt Whisper - Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan
2025.01.20 - Operation Hurricane - A brief discussion of the techniques and tactics of the Xinhai Lotus organization in memory
2025.01.21 - Love and hate under war - The GamaCopy uses military-related bait to launch attacks on Russia
2025.01.23 - Mapping Suspected KEYPLUG Infrastructure - TLS Certificates, GhostWolf, and RedGolf APT41 Activity
2025.01.23 - The J-Magic Show - Magic Packets and Where to find them
2025.01.28 - ScatterBrain - Unmasking the Shadow of PoisonPlug's Obfuscator
2025.01.29 - CL-STA-0048 - An Espionage Operation Against High-Value Targets in South Asia
2025.01.29 - Operation Phantom Circuit - North Koreas Global Data Exfiltration Campaign
2025.02.03 - Analysis of malicious HWP cases of APT37 group distributed through K messenger
2025.02.03 - macOS FlexibleFerret - Further Variants of DPRK Malware Family Unearthed
2025.02.07 - Chinese-Speaking Group Manipulates SEO with BadIIS
2025.02.11 - Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
2025.02.12 - 2024 Global APT Research Report
2025.02.12 - Cybercrime - A Multifaceted National Security Threat
2025.02.12 - The BadPilot campaign - Seashell Blizzard subgroup conducts multiyear global access operation
2025.02.12 - UAC-0063 Cyber Espionage Operation Expanding from Central Asia
2025.02.13 - Analyzing DEEP#DRIVE - North Korean Threat Actors Observed Exploiting Trusted Platforms for Targeted Attacks
2025.02.13 - Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
2025.02.13 - RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
2025.02.13 - Stimmen aus Moskau - Russian Influence Operations Target German Elections
2025.02.13 - You've Got Malware - FINALDRAFT Hides in Your Drafts
2025.02.18 - Earth Preta Mixes Legitimate and Malicious Components to Sidestep Detection
2025.02.19 - Signals of Trouble - Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger
2025.02.20 - Analysis of the APT-C-28 (ScarCruft) organizations attack activities using fileless delivery of RokRat
2025.02.20 - DeceptiveDevelopment targets freelance developers
2025.02.20 - SPAWNCHIMERA Malware - The Chimera Spawning from Ivanti Connect Secure Vulnerability
2025.02.20 - Stately Taurus Activity in Southeast Asia Links to Bookworm Malware
2025.02.20 - Weathering the storm - In the midst of a Typhoon
2025.02.21 - Angry Likho - Old beasts in a new forest
2025.02.23 - The Bybit Incident - When Research Meets Reality
2025.02.24 - Erudite Mogwai Uses Custom Stowaway to Stealthily Advance Online
2025.02.24 - Operation SalmonSlalom - A new attack targeting industrial organizations in APAC
2025.02.25 - Chinese APT Target Royal Thai Police in Malware Campaign
2025.02.26 - RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector
2025.02.27 - A case of phishing email attack by Larva-24005 group targeting Japan
2025.02.27 - Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools
2025.02.27 - Squidoor - Suspected Chinese Threat Actor's Backdoor Targets Global Organizations
2025.03.03 - Operation sea elephant - The dying walrus wandering the Indian Ocean
2025.03.04 - Call It What You Want - Threat Actor Delivers Highly Targeted Multistage Polyglot Malware
2025.03.04 - Likely DPRK Network Backstops on GitHub, Targets Companies Globally
2025.03.05 - Silk Typhoon targeting IT supply chain
2025.03.12 - Ghost in the Router - China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
2025.03.12 - Hack The Sandbox - Unveiling the Truth Behind Disappearing Artifacts
2025.03.12 - New Android Spyware by North Korean APT37
2025.03.13 - Analyzing OBSCURE#BAT - Threat Actors Lure Victims into Executing Malicious Batch Scripts to Deploy Stealthy Rootkits
2025.03.13 - Detailed Analysis of DocSwap Malware Disguised as Securit
>Openly share 159GB file of kitty cat pictures
>5,350+ people rush to download the file
>850TB of web traffic flood in
>Cloudflare reports 1,850% increase in web traffic
>everyone_panic.jpeg
>More people try to download the file can't
>People angry, demand cats
Our hosting provider TorGuard wondering why our host suddenly received terabytes of traffic within a few minutes and why it's all related to kitty cat photos
Читать полностью…
Chat, we've got a problem.
Over 5,000 people are trying to download our kitty cat collection file. It is 159GB.
What is 159GB x 5,000 downloads at the same time? Unironically, we are DDoSing ourselves with cat pictures.
In these trying times the one thing which remains constant is the value of kitty cat pictures.
Please take a copy of our kitty cat picture collection. It is 159.9GB (111,429 files) of kitty cat pictures.
Economic problems 🤝Kitty cats
https://vx-underground.org/tmp
We've updated our malware builders collection.
It's beautiful. Thank you so much to Cryakl for assembling this MASSIVE collection. We have 545 malware builders!
*Please exercise caution if you decide to experiment with them
https://vx-underground.org/Builders
Actually, we take it back, France is the current leader is political outrage. But America is a strong contender.
Читать полностью…
Everyone: wtf lockbit just give up bro, the fbi and nca uk reported youve made over $1,000,000,000 from ransomware
Lockbit:
Note: this was from the ProtonPrivacy Reddit. The cell phone image was shared on "Tech Crimes" on Telegram.
Some users have speculated it is from "too many people using the same VPN server" (?). Others reported they had the same issue when using Mullvad
Users reported it only impacts specific YouTube channels — other state the error is across all YouTube channels. Some users stated they were able to evade the flag when using "Stealth Protocol" with Proton.