The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/
tldr University is a bunch of fucking bullshit because they want to charge you a bunch of money so you can learn. Learning should be free, or at least not place you into crippling debt. Knowledge and higher learning should be accessible to anyone who wants to learn
Thank you Iowa State University for letting me schizo rant for 80 minutes.
The talk began with discussing malware. As the talk progressed, it derailed into discussing malware (specifically ransomware) for sex toys.
In the midst of me discussing Threat Actors deploying "cock lock" ransomware, a university TA (Teaching Assistant) arrived. They heard me utter a few words about chastity belts, men having their wieners locked and/or extorted, ... and they promptly left the talk (presumably from shock or confusion).
Sorry, teacher professor person. The students wanted to unironically discuss the cybersecurity posture on sex toys. As silly as it sounds, it is a serious discussion topic.
Not complaining, just a silly observation. Anyone could make a vx-underground (and probably do it better than me).
You have to be dedicated to the pain and the boring. You have to sit here and say, "omg why am i doing this"
Tomorrow I'll be talking at Iowa State University.
I forgot I scheduled to do this talk.
Rest assured I am woefully unprepared, will probably arrive late, and I will begin the talk about my frustrations about the rising cost of Taco Bell
One of the most downloaded songs right now in United States country music comes from the band "Breaking Rust".
Breaking Rust is an AI band.
Breaking Rust is listed on Spotify as having over 2,000,000 monthly listeners
https://www.whiskeyriff.com/2025/11/08/an-ai-generated-country-song-is-topping-a-billboard-chart-and-that-should-infuriate-us-all/
Reverse engineering tip
If you're not sure something is ransomware, run it as Admin on your computer
If your documents are no longer accessible and your wallpaper has changed, then it is probably ransomware
> make post saying tired of AI slop malware
> say want to see spooky goop
> get sent source code to Lockbit 5
I said "spooky goop". I did not say "the source code to something that an adversary of the United States government is currently using to perform ransomware attacks against critical infrastructure"
Spooky goop is usually like, interesting malware stuff. What I have received is more akin to "dangerous goop". Generally speaking, I do not like dangerous goop because dangerous goop is dangerous.
I guess all we can do is post a funny video of a cat walking away and blame this on "another day of internet schizophrenia"
Tiny people living inside my computer,
I have pushed updates to the malware website you sometimes visit.
Thank you for your time.
https://vx-underground.org/Updates
Oh. My. God.
I'm pizza farming IRL.
Another pizza dinner for my wife and I. God damn it feels good to be a gangster
When I made my malware reverse engineering tip thingie, some noobs commented that file headers are complicated, or whatever. At first glance they seem kind of crazy but they're actually pretty shrimple.
For those who don't know, every executable file on your machine (with some exceptions, but we won't go there) has "headers". The word "head" here is the keyword. It's what is first. It's the "head" of the executable.
The "headers", or stuff that comes first, is just a bunch of mumbo jumbo your operating system reads to understand what the fuck it's doing and to understand what it's looking at.
Windows is different than Linux. We'll discuss Windows because that's all I know because I'm a Windows nerd.
Windows does a bunch of junk when files are executed (not just .exe files). We won't discuss it all because it's a bunch of nerd stuff. We'll focus exclusively on .exe files.
The Windows headers (called PE headers, an acronym for Portable Executable) are layered and are old and have historical context. There's multiple headers. Each "header" discusses different stuff about the .exe file.
You can think of headers as like shipping labels on a box that you receive in the mail. The shipping labels will describe stuff about the box like, size, height, weight, what could potentially be inside (such as batteries), blah blah blah. File headers do the same kind of
File headers on Windows will say stuff like:
- Is this a .exe, .dll, .sys, etc?
- Where the fuck is the actual code in this file?
- Where the fuck does the actual code stop (so it knows when to stop reading)?
- Where the fuck are the embedded images the code might use (called the resource section, for displaying icons)?
- How big is this fucking thing?
- When the fuck was this compiled?
- How old is this fucking thing?
- Is this fucking thing signed?
- What the fuck is it written in (mostly for .NET stuff)?
- What other fucking libraries does this thing depend on?
- Does this fucking thing share code with other things (for .dlls and stuff)?
... and a bunch of other stuff the computer might need to know.
Is all of this important to your computer? No, not really. But some of it is for silly stuff like "drivers". Some of it is metadata naturally included from compilers (the thing that made the .exe).
Does Windows actually say "fuck" a lot when trying to run .exe files? Yes, yes it does. Windows is very angry
Can you modify the file headers to trick Windows? Yes, this is done by things called "malware" or malicious software. You can lie to Windows and still make it run the .exe by confusing its little brain (kind of, different story for a different day)
Here is a tip for noobs for reverse engineering malware stuff
Tip 1. When you get a file and you think it might be spooky, you need to determine what kind of file it is. You cannot rely on file extensions.
The easiest and most ghetto way (the way I do it) is opening the file with a text editor and looking at the first few bytes in the file
If the weird spooky file starts with "MZ" at the beginning, it's an executable binary (.exe, .DLL, .sys). If it starts with "PK" it's a compressed file (or maybe an Android file, long story). Anything else that looks readable is going to be weird stuff like malicious JavaScript, .Lnk files, HTA files, Python files, etc.
Knowing the file type is very important. This will help you determine what kind of stick you need to poke the spooky file with
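The first-bytes check from this tip, carried one step further into the PE headers described in the header post, as an added Python example (not code from the channel): it answers several of the listed header questions and flags sections whose raw data falls outside the file. The function names, the constructed sample bytes and the assumption of the standard 16 data directories are this example's own.

```python
import struct
from datetime import datetime, timezone

def sniff(data: bytes) -> str:
    """First-bytes check from the tip: MZ = PE image, PK = ZIP-style container."""
    return {b"MZ": "pe", b"PK": "zip"}.get(data[:2], "other")

def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> sections."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no DOS (MZ) header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]        # e_lfanew: offset of "PE\0\0"
    if data[pe:pe + 4] != b"PE\0\0" or pe + 26 > len(data):
        raise ValueError("MZ magic but no usable PE header")
    _, nsec, stamp, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt, table = pe + 24, pe + 24 + opt_size            # optional header, section table
    pe32 = struct.unpack_from("<H", data, opt)[0] == 0x10B
    if opt_size < (224 if pe32 else 240) or table + 40 * nsec > len(data):
        raise ValueError("headers truncated or fewer than 16 data directories")
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    dirs = opt + (96 if pe32 else 112)                  # data directory array
    has_dir = lambda i: struct.unpack_from("<II", data, dirs + 8 * i) != (0, 0)
    sections = []
    for i in range(nsec):
        name, _, _, rsize, roff = struct.unpack_from("<8sIIII", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "file_off": roff,
                         "size": rsize, "in_file": roff + rsize <= len(data)})
    return {
        "kind": "dll" if chars & 0x2000 else "native" if subsystem == 1 else "exe",
        "compiled": datetime.fromtimestamp(stamp, timezone.utc).isoformat(),  # can be forged
        "sections": sections,                           # in_file False: header lies or file cut
        "imports": has_dir(1), "resources": has_dir(2), "dotnet": has_dir(14),
        "signature_blob": has_dir(4),                   # attached, NOT verified
    }

def build_sample() -> bytes:
    """Constructed input: minimal PE32 DLL headers plus one .text section, not a real program."""
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                    # subsystem: Windows GUI
    struct.pack_into("<II", opt, 96 + 8 * 1, 0x2000, 40)  # import directory present
    hdr = (b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0"
           + struct.pack("<HHIIIHH", 0x14C, 1, 1700000000, 0, 0, 224, 0x2102)
           + bytes(opt) + struct.pack("<8sIIII16x", b".text", 16, 0x1000, 16, 0x200))
    return hdr.ljust(0x200, b"\0") + b"\xCC" * 16

if __name__ == "__main__":
    print(sniff(build_sample()), parse_pe(build_sample()))
```

To use it on a real sample, pass the file's bytes to `parse_pe`; reading bytes this way never executes the file.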
The "FREE ROBUX" advertisements on this website LOOK like they're trying to implement the "ClickFix" malware masquerading and/or payload delivery method.
After you enter your Roblox name for your "FREE ROBUX" the website states the server is "overloaded" and you need to "manually bypass" the authentication, or whatever, so you need to "verify" you're a human
This all aligns perfectly with "ClickFix". All signs point to YES for a malware delivery campaign except there is one small problem... THEY FORGOT TO SET THE FUCKING DOWNLOAD LINK IN THE CAPTCHA BUTTON
Dawg, how the fuck are you going to deliver malware when your slop website doesn't actually deliver anything? If you're wondering why you don't have any infected machines, it's because YOU DIDN'T SET THE FUCKING DOWNLOAD BUTTON
HOW ARE YOU GONNA UNIRONICALLY BROWSE ARCH LINUX FORUMS BUT DETONATE A FAKE MS TEAMS BINARY
DAWG, LOCK IN
Don't worry, Blavity. I won't say anything to anyone about this e-mail chain.
I am not an expert, but based on the response from the extortion group I do not think they care you're involving the FBI and Secret Service.
I've been informed that I deeply bothered some students from a previous talk I did because I said, "University and school is a bunch of bullshit".
I should probably clarify that statement because, as I said that, I was speaking at a University.
Schooling, University, higher education isn't "bullshit". It is "bullshit" in that I believe they over charge students and have a tendency to deliver false hope and unrealistic expectations.
Universities are for higher education yet recruiters (and some students) treat it more akin to a job fair.
Education is serious. It is immensely important. Education is why I make everything on vx-underground free. I encourage you to learn, strive, improve, follow your curiosity, and do silly things. Education is paramount.
When I criticize Universities, I am not criticizing you or your decision to enroll in a University. Many people do well in a structured learning environment and for many people it is a good choice. A University can be a great way to make friends, social network, and learn.
I just wish Universities (specifically in the United States) didn't place people in immense debt for simply wanting to get a higher education. I also wish Universities didn't exploit and/or mislead students into the idea that "more education" immediately translates into "more money". Attending a University should be driven by intellectual desires, not financial.
Anyway, I am sorry I didn't elaborate on that more and I am sorry to the students who felt like I was criticizing their career path and/or route. Please know that I am not calling your decision bullshit, I am calling the University which charges you $60,000 for wanting a higher education bullshit.
🚨BRAEKIGN🚨
New footage from Microsoft executives found online. Microsoft discusses how Windows will be agentic, connect devices, cloud-based, and how they'll use AI to unlock intelligent productivity.
Yeah, so pretty much the only reason people give a fuck about what I say or do is because I'm the only person dumb enough to copy-paste terabytes of malware stuff into a bucket and do it for free
I've been copy-pasting every day for 6.5 years
My favorite thing about AI is how good it is at programming
Microsoft CEO said they use AI to work on Windows 11 and they have had great success
They have had some small issues though such as
- Unable to close task manager, trying to close it made it make more task managers
- Windows 10 incorrectly telling customers their licensing has expired
- Windows recovery mode not working correctly, keyboard and mouse didn't work
- HTTP local host not working
- BitLocker issue, restarting PC makes bitlocker mad and think there's been a hardware change
- Xbox game pass issue, children couldn't play on family account if parental account was online
Other than this, it's been p good
I did this at work. My bosses were amazed by how fast I was able to identify it was ransomware
They were so amazed they began screaming, pulling their hair out, and crying
Anyway, I gotta do stuff offline. I'm busy. Not sure what I'm gonna do yet with this source code.
The last time I archived the source code to ransomware stuff a bunch of hospitals got ransomed by random nerds and everyone blamed me for it. I should probably be careful
Last time I had something silly from Lockbit ransomware group, Dmitry Khoroshev (alleged leader of Lockbit ransomware group, estimated net worth of $4,000,000,000 according to the FBI, NCA, and EUROPOL), said he would put me in a coffin
What does it mean
I have the source code to Lockbit 5.0
Someone randomly messaged me saying they had the source code. I didn't believe them.
They sent me the source code.
They disappeared.
I have no idea what's going on
Here's another noob reverse engineering trick.
This trick is for when you're a lazy nerd and don't want to use the command line and also you have no idea what's going on
If you're on Windows you can open .exe files with 7z GUI (open file as an archive). You can use this to look at each section, including the resource section, to look at possible embedded binaries or whatever junk is present (or not present)
Got invited to do another talk at another University
Getting paid in pizza again
Easiest pizza of my life. Good game, nerds.
"why not use a hex editor or some other tool?"
I mean, you can. But a really quick and easy way to quickly and easily determine the file type is to use a read only application, like a text editor, to review the first few bytes of the file.
If you're not sure or confident in what you see then you use something else to review the file headers and stuff.
Since I unironically reverse engineer malware on Windows (generally speaking, not a good idea, but I'm around malware so much I don't give a fuck anymore), I just right click the file and select Open With Notepad++
I'm over here smashing the CAPTCHA button, begging these nerds for some free malw— er...... "Robux" and nothing happened. I thought I was clicking the button wrong. I am filled with disappointment.
Massive shout-out to the local governments of New York, Hawaii, Louisiana, and the homies at the Supreme Court of California.
It's 2025 and they're helping people get FREE ROBUX
Big shout-out to this random NERD who infected themselves with malware while doing nerd stuff
Bro was reading posts from FFmpeg, some 18+ VTuber, and Linux forum stuff. He didn't pay attention and detonated malware on his machine from a fake Microsoft Teams URL
Got CC'd in a legal e-mail chain between a company being extorted and an extortion group.
I do not know why I am in this e-mail chain. I do not know who this company is.
I do not know where I am.
Another day of internet schizophrenia