14365
The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Imma be real with you, Chat. I've been unfathomably busy IRL and it's brought me immense joy schizo-posting satirical nonsense to thousands of people.
Читать полностью…
This is pretty much what it's like dealing with malware droppers
You're like, oh sweet, it's a kitty cat. But then you discover it's actually a barrage of kitty cats and that's fine but you didn't expect so many at once
Windows 11 is the more secure and privacy focused Operating System
Only real privacy enthusiasts use it
TeamSpeak is in the restroom, shadowboxing in their underwear, praying to God that Discord does something stupid(er) and results in a user base collapse
Читать полностью…
Updates to the vx-underground collection:
- 2025-03-02 - Abusing IDispatch for Trapped COM Object Access Injecting into PPL Processes
- 2025-04-03 - CreateFileMapping to replace ReadFile
- 2025-04-08 - Notes on bypassing mailbox audit logs
Today virus exchange was banned from our (other) hosting provider (Wasabi). They claim our domain virus-dot-exchange has malware on it.
They cited 1 specific file hash and stated virus exchange is disabled until we can explain why we have 1 malware on the server
What the fuck?
Updates to the vx-underground collection:
Papers:
- 2004-06-06 - Execution redirection thru Image File Execution Options key
- 2025-04-07 - Bypass WDAC WinDbg Preview
- 2025-04-17 - Notes on RtlGetUnloadEventTraceEx
Malwares:
- InTheWild.0152
- InTheWild.0153
- InTheWild.0154
- InTheWild.0155
- InTheWild.0156
- InTheWild.0157
- InTheWild.0158
- InTheWild.0159
April 14th, 2025, David M. Dorbish Jr., passed away as a result of a suspected drug overdose.
David M. Dorbish Jr. was a prolific online serial swatter who plead guilty to 15 charges in 2020.
>be me
>work on crappy computer virus website
>uploading 200gb of bad computer programs
>bored
>listening to Primer 55
>looking at cat pictures
ok ttyl, gonna let stuff upload
After we reassessed and improved our malware builders collection we've had a significant influx of people asking for the password.
Chat, the noobs are looking for malware
One of my fondest memories of Lockbit ransomware group was when Lockbit ransomed a small nonprofit healthcare clinic in South America.
They begged him to decrypt the machines so they can provide treatment to people in need. They primarily provided healthcare to people in remote areas who have little to no money, education, or work.
Lockbit said: "If you have money for computers, you have money to pay me"
Wow, truly a heartwarming moment. Very cool.
Removed weird balloon thing from car. Now can safely store beer in car
Читать полностью…
They also called us an embarrassment and said our post is borderline malicious because it is misleading because (or the researchers, whoever), did not read the security guidelines.
Читать полностью…
The naming convention "Trojan" easily confuses people i.e. Remote Access Trojan. Unfortunately, due to successful media campaigns, the term Trojan is now closely affiliated to condoms.
Instead we petition to formally change the term to something which is reminiscent of the term "Trojan Horse", and carries the same meaning
Suggestion: Horse
Example(s):
- Remote Access Horse
- Sophisticated Horse
- "... The Threat Actors inserted a Horse payload into the Word document..."
Laymen can easily identify a horse and they will understand the concept of a horse on the loose is very dangerous. You can explain to customers there is a horse loose in their computer and the horse is causing serious damage.
It's so privacy focused, it takes images of what you're doing every 90 seconds to ensure you're not making any opsec mistakes.
It then saves it in a super secure location (APP DATA) so then you can review it later if you want
Hello,
To work in IT and/or cyber security...
You don't like have to like Linux, you don't have to like C (or Assembly), you don't have to like Mr Robot, you don't have to go to conferences or meetups, you don't have to prefer IRC over Discord, you don't have to have a fancy setup
You can like or dislike whatever you want. Don't feel pressured to think or behave a certain way.
ok ttyl love u, kissies
- smelly
Discord CEO stepped down. The new upcoming CEO was previously the CEO of Activision. His resume includes the implementation of micro-transactions in Call of Duty.
Imagine if Discord suddenly introduces micro-transactions, like paying $10/month for unlimited call times 😂
No idea what's going on, but the bucket they reference has millions upon millions of malicious binaries.
How did miss the other 36,999,999 malwares
getting emotional right now, thinking of windows xp and listening to evanescence
https://www.youtube.com/watch?v=5anLPw0Efmo
I hate seeing people write and/or say "cyber" in the context of cybersecurity i.e. "I'm studying for cyber right now".
The word "cyber" is an adjective — do you study big, tall, short, tiny, blue, stinky?
/me flips desk
Hello,
Currently uploading 175,000 new malwares. We've also got some papers and other stuff we've gotta add.
cat_picture.png
We've seen a bunch of dorks on Twitter use this meme format to insert mathematics and physics stuff into the Chad thought bubble.
Hate to be the bearer of bad news, but if you've ever actually spent your day doing something "intellectual intensive", your brain requires brain rot. You physically cannot brain science non-stop everyday. Do gym bros stay in the gym 24/7? Do athletes train 24/7? No. You need down time. The brain is (in some capacity) a muscle too which requires training.
The only people we've seen brain science hardcore non-stop are one of the following (sometimes multiple):
1. Autistic nerds (not memeing), some autistic people have God levels of focus
2. ADHD nerds, if you get them on that weird hyper-focus stuff they'll lock in for like, 4 days and not bathe or eat
3. Nerds on drugs, more common than you'd think, but the nerds abusing amphetamines (or nootropics in general) lock in pretty hard too, until they crash out and they're worthless slabs of meat for like, a week or more
Anyway, the entire point of this micro-rant is to tell some of you to not be brain washed by pseudo-intellectual grifters on social media. The entire part of braining is to have fun, explore, and learn. It isn't a competition, it isn't a "lOoK hOw SmaRt i Am" competition, it isn't a race to who can do the newest and coolest research.
When you're bored of a video game do you force yourself to like it? Same as brain stuff — you might try to force yourself through the boring parts, but eventually you'll be like, "this shit is lame", and move onto something you like more.
Look at cat pictures, laugh at edgy memes, understand there is time for braining and there is time for brain rot.
Okay, talk to you later, love you, mwah kissies kissies
-smelly smellington
Hello,
We've removed the post on the Bubble zero day. The purpose of the post was to draw attention to the issue — which was indeed addressed.
As a recap, 2 researchers published a paper on Bubble-dot-io and how to exploit it. Bubble ignored them. We were requested to relay the issue loudly so it was addressed. It was addressed. Bubble asserts they do not consider this an exploit because this is the result of users failing to RTM and follow the Bubble security guidelines.
I will personally take the L that it was a stretch to classify this as zero day when this is the result of users not following the Bubble best practices guide. It does not impact Bubble in totality.
tl;dr 2 guys 1 bubble
Bubble-dot-io employees have responded.
Bubble (or individuals representing the company) assert the code we shared yesterday is not a zero day exploit and we (or the researchers mentioned) failed to take appropriate measures to read the documentation provided by Bubble
In summary, they state each user is responsible for the security of their data and users must follow the appropriate Bubble-dot-io security guidelines. The issues we relayed yesterday do not impact Bubble-dot-io in totality, rather these are customers who failed to follow the guidelines