vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

40630

The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/


vx-underground

There is a restaurant in the United States called "Waffle House". Waffle House is notorious for its poor customer service, history of violence breaking out in the restaurant, it being open primarily in dangerous areas, and it also being open during severe weather events.

Waffle House is typically open during severe hurricanes and tornadic weather. The restaurant's willingness to remain open during potentially life-threatening weather has resulted in meteorologists creating a scale which measures weather severity based on whether or not Waffle House is open.

Despite the restaurant's poor reputation, it has a cult-like following in the United States. People go to the restaurant expecting poor service because the restaurant is ridiculously affordable and the food is pretty good.

One time I visited Waffle House with a friend. While we were waiting on our food the staff became frustrated with a customer who had locked themselves in the bathroom. Eventually one of the cooks busted down the door. They discovered the customer, a homeless-looking person, was overdosing on narcotics on the floor.

While eating our food, EMTs and police officers were performing CPR on the customer. Staff were arguing about the door being broken. Nobody eating seemed bothered by the situation unfolding. It was a surreal experience.

This situation is not unique to me. If you take a moment of your time to look up Waffle House footage online you'll see hundreds of videos depicting situations similar to mine.

I recommend everyone visit Waffle House.


vx-underground

I don't know a single person who uses Copilot. Quite literally everyone uses ChatGPT or Claude. Microsoft somehow fucked up the entrance into the AI era despite heavily investing in OpenAI.


vx-underground

Oh, I forgot to mention, Coinbase CEO Brian Armstrong publicly thanked internet cryptocurrency nerd ZachXBT for his assistance in the case. No further information has been released which documents the degree to which ZachXBT was involved.


vx-underground

tl;dr wasted 3 days because I didn't read the documentation


vx-underground

> be me
> spend 3 days working on proof-of-concept
> doesn't work
> have to try different way


vx-underground

The same day the United States Department of Justice partially released details on the Jeffrey Epstein case, the Department of Justice released a few other interesting press releases.

Three of the press releases fall into our domain of cybersecurity, the remainder are related to narcotics or illegal immigration.

There is some speculation however that the large volume of press releases unveiled at the same time were intended to be a distraction from the Epstein file disclosure. However, this is just speculative.

What is not speculative however is the modifications made to the United States Department of Justice Epstein file releases.

Since the release of the files, several files have been removed from the release. People reviewing the files noted that the files redacted contained images of the current United States President.

Some individuals online asserted these statements are false and the United States Department of Justice has made no changes to the Epstein file release. However, what people seem to forget is that the internet does not forget.

After the release of the Epstein files the Department of Justice website implemented a queueing feature to prevent accidental DoS. During this time I archived the Epstein file releases so people interested did not have to wait in line.

Guess who has the original releases which contain data which is now removed? It's on vx-underground under /tmp/, listed as DataSet1, DataSet2, DataSet3, and DataSet4. Feel free to compare these raw datasets to the new ones.


vx-underground

Hello,

The year is coming to a conclusion. Thank you everyone for another wonderful year.

Once the next round of giveaways finishes I'll probably be AFK-ish. I am extremely fatigued from work and life. I'm not sure if it's possible, but I would like to be able to nap somewhere between 240 to 480 hours.

Thank you everyone for the fun times and for sticking with me while I deal with vx-underground and a newborn baby. I wholeheartedly appreciate all the kind words and support all of you have shown me. Many of you are great, caring, and compassionate people.

I have some good news and some neutral news. The good news is that I have completed (within reason) collecting every easily discoverable malware analysis paper on the internet. Yes, of course one or two may be missing here or there, but I feel like 14,000 papers over the time span of 2 decades is pretty good.

The neutral news is that moving forward vx-underground will primarily be keeping up to date on things. This isn't necessarily good or bad, but this means updates to vx-underground will be significantly smaller and fewer.

Truthfully, I'm not sure what to do anymore. I started the website with the goal of collecting malware source code, samples, and papers. I've collected 34TB (if decompressed) over 6.5 years. I feel like it would be a betrayal to my audience to continually make silly posts all day, everyday.

I sort of worked myself out of a job, I don't know.


vx-underground

It's being synced to prod now for vx-underground:

https://vx-underground.org/Malware%20Analysis


vx-underground

What the fuck did you just fucking say about me, you little bitch?


vx-underground

Epstein files were released by the Department of Justice today.

So many people tried to view it at once the DoJ had to implement anti-DDoS measures.

The amount of data they've released is INSANE.


vx-underground

Wow, wrestling has changed A LOT since I was a kid


vx-underground

Here is your free MacOS malware, delivered using something akin to click fix and masquerading: mac-faster[.]com/app1/

The 'download' script does a CURL on ballfrank-dot-space

It delivers an obfuscated payload.

Deobfuscated: https://pastebin.com/PCz1cxMU


vx-underground

> make post about trying to contact Tren De Aragua
> get DMs
> "Uhhh hey, Smelly. TdA is very dangerous. I really don't think you should get involved with them"

Bro, you think I'd actually try to contact them? They fucking murder people.

Also, I don't judge a book by its cover, okay? I don't wanna sound like a hater but these individuals do not look friendly and I have a feeling they won't like my cat pictures


vx-underground

Me wondering if I should try to contact Tren De Aragua, a violent, transnational prison-formed street gang which operates as a cartel, rival to the infamous MS13, who is involved in murder for hire, kidnapping, maiming, drug trafficking, prostitution, money laundering, bribery, and extortion.

... so I can send them cat pictures and ask for their ATM malware


vx-underground

United States Department of Justice, Nebraska, indicts over 50 people involved in transnational gang TdA for deploying malware onto ATMs for "ATM Jackpotting"

Wtf that's badass (except the murder, extortion, maiming, etc. just interested in the malware)

https://www.justice.gov/usao-ne/pr/tren-de-aragua-members-and-leaders-indicted-multi-million-dollar-atm-jackpotting-scheme


vx-underground

This is very important information.

https://nypost.com/2025/12/20/us-news/cat-lost-during-hurricane-helene-miraculously-reunited-with-family-after-443-days/


vx-underground

Per The Information magazine, Microsoft CEO Satya Nadella has cut back Microsoft's Artificial Intelligence goals. Spending on AI data centers has reportedly been cut by as much as 50%. The reasoning deduced is that users prefer ChatGPT, Claude, or Gemini.

However, Microsoft stated to journalists at Futurism: "The Information’s story inaccurately combines the concepts of growth and sales quotas, aggregate sales quotas for AI products have not been lowered."

tldr Microsoft says they're not cutting back due to people not using it or being able to find sales. They're cutting back because ???


vx-underground

Coinbase has historically received heavy criticism for failing to protect users from scammers and insider threats.

On Friday, December 19th, 2025, Coinbase released a statement, alongside the Office of the Brooklyn District Attorney Eric Gonzalez and his Virtual Currency Unit, announcing the indictment of 23-year-old Ronald Spektor of Brooklyn, New York, United States.

Ronald Spektor a/k/a "lolimfeelingevil", "I'm feeling Evil", allegedly impersonated Coinbase staff and scammed users out of an estimated $16,000,000. He deceived victims utilizing fictitious emails, text messages, phone calls, or fake websites.

Mr. Spektor, per court documents, was partially identified due to himself boasting on Telegram about his theft. He was particularly vocal on his Telegram channel, "Blockchain Enemies".

Court records indicate Mr. Spektor resides with his father and a good portion of the money stolen was spent on online gambling. However, $105,000 in cash was seized and $400,000 in cryptocurrency was seized.

Mr. Spektor has been charged with:
- First-degree grand larceny (PL §155.42)
- First-degree money laundering (PL §470.20)
- Scheme to defraud (likely first degree, PL §190.65)

Additionally, per documents which state Mr. Spektor is facing other "related charges", Mr. Spektor may be facing:
- Falsifying business records
- Criminal possession of stolen property
- Identity theft

Based on the charges brought forth, Mr. Spektor is facing over 30 years in prison. However, it should be noted that the current judicial system in the United States often does not do maximum penalties unless someone is a repeat offender.

Mr. Spektor being a first time offender, and assuming he takes a plea deal, is more likely to receive 12 years in prison with a required 85% time served. If Mr. Spektor decides to take the case before a jury and proclaim his innocence, and he is found guilty, he faces 15 - 20 years in prison.

In simplest terms, if Mr. Spektor "snitches" and behaves, he will serve 10 years in prison and be released sometime in 2036.

If he tries to fight the case and is found guilty, he will face 15 - 20 years, but with good behavior could be released somewhere between 2038 - 2043.

Coinbase CEO Brian Armstrong, alongside the Brooklyn District Attorney Eric Gonzalez, released a mugshot of "lolimfeelingevil" a/k/a Ronald Spektor


vx-underground

I didn't read documentation close enough. I thought I was galaxy brain (I wasn't galaxy brain).

Basically, I wanted to make a WinRT / Windows COM malware proof-of-concept that only executes when the machine is locked. When it is unlocked the malware stops executing. I've done this before very easily with my "Fever Dream" code snippet (I named it Fever Dream because I was very sick when I wrote it).

Anyway, I have a very small brain and wasted A LOT of time on something I should have noticed way earlier.

The formatting is really messed up. I'm not sure why Pastebin cooked the formatting. Whatever, here is a really shitty proof-of-concept. The code DOES WORK when the user logs out then logs back in. However, if the user logs out the code won't work anyway unless it is running as a service.

https://pastebin.com/raw/L752XNTV


vx-underground

Why Donald Trump was removed from the Epstein data release is purely speculative. Based on the nature of the case I believe most reviewers would infer something profoundly nefarious.

It's up to you to decide.

The entire case has drawn international attention and will continue to draw international attention for quite a bit of time. We are living in an extremely significant moment in history which will likely be studied closely in the future.

When your children age and ask you, "Mommy, Daddy, do you remember the Jeffrey Epstein case?", you can proudly respond: "Yes, we used primitive AI to make memes about it to minimize how traumatic and unjust the world is. Now stop asking too many questions before the government turns off your NeuroLink chip"


vx-underground

jamieantisocial noticed something interesting.

Look at the dramatic increase in malware campaigns from 2019 - 2023. What could this be? What happened during those years?


vx-underground

> wonder if anyone found anything interesting in Epstein files
> open x to look


vx-underground

Behold my magnum opus. Here is my malware analysis paper collection

Papers:
2006 - 2 papers
2007 - 6 papers
2008 - 4 papers
2009 - 15 papers
2010 - 46 papers
2011 - 60 papers
2012 - 127 papers
2013 - 140 papers
2014 - 170 papers
2015 - 355 papers
2016 - 480 papers
2017 - 793 papers
2018 - 801 papers
2019 - 1056 papers
2020 - 1989 papers
2021 - 2634 papers
2022 - 2607 papers
2023 - 1450 papers
2024 - 1153 papers
2025 - 800 papers

Don't you EVER ask "whAts A GooD pLaCe To LeaRn MaLwaRe aNalYsiS?". I've got 14,869 malware analysis papers curated and organized. Most of the papers have the samples with them too.

It's the muthafuckin' library of Alexandria for malware. This shit took half a decade.


vx-underground

I'm uploading them to vx-underground if you don't feel like dealing with the DoJ. It's on vx-underground under /tmp/ and named DataSet1,2,3,4

Crime scene evidence:


vx-underground

Who is this man and why does he speak in silly voices


vx-underground

Chat, we've got FREE MACOS malware. Big news for malware nerds

https://malwaresourcecode.com/home/my-projects/write-ups/free-macos-malware-for-everyone-hurry-up-before-google-patches-it


vx-underground

On Monday someone sent me a URL to a website trying to do click-fix targeting MacOS. I missed the message because the X DM system is a broken piece of shit.

The website is 100% malicious, but the final C2 part is dead. Staging payload still works.

I MISSED FREE MAC MALWARE


vx-underground

Would it be the dumbest thing I've done? Maybe

Would it be cool and badass? Yes


vx-underground

Yeah, these guys are not the brains behind the operation. I can't imagine someone technically savvy enough to develop ATM malware to then brag on social media about it


vx-underground

I've updated malwaresourcecode.com

I've demonstrated some unusual ways to achieve rand() (random integer) using RtlUniform, IOCTL Cng, IOCTL KsecDD, and CryptographicBufferStatics

Why? Because I like weird stuff

Love you
