vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

40629

The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/

vx-underground

Hello,

I've received your messages loud and clear. You want more cat pictures. I have 12 "cat blocks" on VXUG already. Each "cat block" is 2,000 pictures. I'll add like, 37 more blocks.

I will work on uploading tonight

https://vx-underground.org/Archive

vx-underground

I've seen nerds say, "how does the malware guy who doesnt go outside have a family and i dont?"

Well, it's very shrimple.

1. I don't talk about what I do, ever. They don't understand malware and if I tried to explain it they'd be scared.

2. I don't tell anyone what I do on the internet, ever. If I told people I unironically talk to cyber terrorists and send the FBI pictures of cats they'd be scared.

3. I don't talk about computers or anything technology adjacent, ever. Computers are for nerds and normal people don't understand it. If I explained anything they'd be scared.

4. I dress normal. I wear generic middle class jeans from generic middle class stores. I wear generic shoes like Nikes. I don't wear cybersecurity shirts. All my shirts are cheap $8 shirts that are blank with no logo on it.

Basically, be a normal person. Talk about dumb shit, like the weather or food, or something. Ask people about themselves (they love talking about themselves). You have to segregate internet person from IRL person.

tl;dr malware is illegal and for nerds

vx-underground

Hello,

I added more malware and more malware papers to the website most of you don't even realize this page is about (I collect malware source code, samples, and papers).

Big updates:
https://vx-underground.org/Updates

vx-underground

Babies have no concept of danger. All they know right now is "I can go places" and "I want to go places". He probably thinks it's funny Mommy and Daddy gave him a bunch of attention and thought falling was like a fun little ride.

tl;dr on constant suicide watch

vx-underground

tldr if you're missing an email, or forgot to read an email, just blame it on Microsoft. Ez GG

vx-underground

Earlier today X employees bragged X only has 30 employees. Guess which website is down again?

vx-underground

full write up: https://vmfunc.re/blog/persona

vx-underground

nerds were goofing around on the internet and accidentally found mass surveillance technology owned by openai, persona-id, and working with the us gov

guess i gotta do a tl;dr on this mfer

vx-underground

Was surfing the internet and found some kid who is sharing his malware proof-of-concepts online. His work is primarily recycling and recreating existing techniques for him to study or to demonstrate the ideas to others.

Is his code good? No, God no. It is littered with errors, poor naming conventions, and extremely dangerous control flow. I love him for this, unironically.

This kid having bad code shows he isn't using AI to work. He is legit. He is putting himself out there, demonstrating what he can do (or can't do), and showing he isn't afraid to get criticized.

I love seeing people grind and put in the work. It's the pain that makes you good. Taking shortcuts doesn't achieve anything.

I don't know if he is on social media stuff, but you're doing good stuff, "CaptMag". Keep putting in work. You'll go far. I see you, gang.

vx-underground

When people ask what I do for a living I have no idea how to explain to them I collect, develop, and reverse engineer malware.

I usually say, "I do stuff with computers".

Then I immediately change the conversation and hide.

vx-underground

FLARE released a paper on a Linux botnet using IRC as a C2.

WHAT YEAR IS IT???

Then I remembered Threat Actors can't use Discord as a C2 because they probably want ID verification

vx-underground

Meanwhile on X, I volunteered to run TorGuard VPN's social media. They're a big donor to vx-underground.

In one day I got in trouble. I made a joke we're laying off the engineering department and apparently it's not cool to joke about laying people off

vx-underground

Okay, so Kim Dotcom made a post online saying he has information about Palantir being compromised.

I am extremely skeptical of these claims.

My initial post escaped my core audience (as is tradition) so I am going to be a little more verbose and explain stuff.

Compromising a large institution such as Palantir is not something some random guy down the street can do. Palantir is large and has many moving parts. In other words, Palantir does not store all of its information on one computer and in a crusty old hard drive somewhere.

Palantir (presumably) has data segregated meaning not all data is in one place. Different types of data are going to be stored in different locations (in the cloud, or physically on-premise). Hence, a compromise of Palantir which would unveil ALL DATA would require two things:

- Extreme skill
- Extreme patience

This sort of compromise is not something that happens in a day. This sort of compromise is something which would take weeks, months, or maybe even years depending on the objective. Historically, when large compromises toward large institutions occur it is almost exclusively performed by state-sponsored Threat Groups (hackers funded by governments), or in some more rare scenarios, financially motivated Threat Actors (ransomware, extortionists).

If Palantir was compromised, it would be EXTREMELY unusual for a state-sponsored group or financially motivated group to make it exclusive to one individual person. Rarely do state-sponsored Threat Groups notify influencers, or journalists, ... or anyone really of their objectives. They're funded by governments. Governments do not care about clout. IF a state-sponsored group does notify someone, they typically do mass e-mails to journalists (for misinformation, disinformation, or fearmongering, some sort of strategic objective, they don't do it to look cool).

If it was performed by a financially motivated Threat Group they will almost immediately discuss it online in their domain of choice. For example, many Threat Actors who compromise places may sell access on forums such as Exploit, TierOne, or Breached (or whatever is adjacent to Breached). Alternatively, ransomware groups post about it on their personal website to try to extort or intimidate victims. However, no discussion of Palantir has appeared in any of these places.

Okay... so no signs from financially motivated Threat Actors... and it would be really unusual for a state-sponsored Threat Actor to make it exclusive to one person... is there anything else weird about this? Yes.

If Palantir was compromised it would be unusual for ANY group of Threat Actors to notify anyone immediately after a compromise. By notifying Kim Dotcom, or whoever, they're sounding the metaphorical alarm. Palantir is going to immediately order a DFIR (Digital Forensics and Incident Response) and begin an internal audit. Things are going to be locked down. If someone compromised Palantir why would they burn access so quickly? Why would they notify someone so quickly? They're leaving an audit trail.

There is a lot of speculation, little evidence, and things not really making a whole lot of sense.

Is it possible Kim Dotcom is telling the truth? Yes.
Is it likely? No.

Is it possible Kim Dotcom THINKS it's real, but it's NOT real? Yes, that is more likely to be true. It would not surprise me if he is (intentionally, or unintentionally) participating in a misinformation campaign.

Pic unrelated

vx-underground

Mark Zuckerberg a/k/a shape shifting lizard man, has patented spooky internet ghost technology. Amazing.

By training off your data, AI can emulate your existence on social media after you've died.

Ever miss Grandma's schizo racist posts? Your heroin addict cousin getting into arguments with family members because he owes them money? Want to be constantly reminded of your friend's tragic death?

With Meta's spooky internet ghost technology this is possible! Yay!

vx-underground

I read about OpenClaw.

I still don't understand the purpose. Can someone seriously explain to me the purpose of this AI assistant? I reviewed the different "skills" it offers and it makes literally zero sense.

This can be used to automate ... messages to other people? Like on Slack, or Discord, or Telegram? Check the weather? Do stuff with Stripe? I don't understand the purpose.

Why would I need something to automatically deal with instant messaging clients? Am I missing something? Even if you don't NEED it, why would you WANT it?

I DON'T UNDERSTAND

vx-underground

This probably makes me sound like a sociopath, or something, but I very seriously don't talk about vx-underground or anything I do online with people IRL.

Nobody would understand it, I don't feel like explaining it, and truthfully I don't feel like discussing it. I don't need to bond with people over dumb computer nerd stuff.

Online I am "smelly smellington", I collect malware, develop malware, reverse engineer malware, and do silly things which are playfully unethical.

IRL I'm a Father, a son, an Uncle, I go to family birthday parties, go do stuff like trick-or-treating, Christmas stuff, family cook-outs, sometimes go to church (I'm not religious, but whatever), etc. I like to watch UFC, weird cartoons on YouTube like MeatCanyon, and enjoy stuff like watching Netflix with my family

smelly smellington != IRL me

tl;dr just be a normal person, nerd

vx-underground

Non-core audience when they realize this social media account is actually the social media moniker for a website which collects malware and interacting with this account almost certainly got you put on a watchlist

vx-underground

I guess Persona saw my post, or other adjacent posts on social media, because Persona sent out an email addressing the findings to their customers.

They wrote the following (although I'm paraphrasing):

1. Persona does not share your customers' data outside of scope. They said all contracts are solidified and compliance is important

2. Persona does not work with the Department of Homeland Security, or the United States government in general, however they assert they admit they are seeking potential contracts

3. Persona is not involved with Peter Thiel, although he is an investor. Persona asserts they have no relationship with Palantir

4. Company employees, including investors, do not have access to customer data.

5. They don't plan on saying anything else about these posts on social media because it amplifies stuff. They politely and gently call social media people schizo conspiracy theorists and state they are privately engaging with accredited journalists behind the scenes.

vx-underground

> be me
> working
> wife and baby sleeping
> hear blood-curdling scream
> "HELP"
> run fast af
> blast through door
> 11 month old climbed over baby barricade
> wife holding him by foot
> dangling off bed
> wife terrified
> grab baby
> he looks at me
> smiles
> starts laughing
> wife crying from pure terror
> baby sees her crying
> laughs

mfw baby almost killed himself, thinks its hilarious

vx-underground

Meanwhile at Microsoft: Microsoft deployed botched security rules and Exchange Online accidentally flagged legitimate emails as malicious.

From February 5th to February 12th, "thousands" of safe emails were flagged as phishing emails

https://www.bleepingcomputer.com/news/microsoft/microsoft-anti-phishing-rules-mistakenly-blocked-emails-teams-messages/

vx-underground

1. i didnt discover this, vmfunc and friends did. im regurgitating their stuff

2. ive been informed discord stopped using persona. they use something else now. persona is still used in lots of places (like apparently roblox)

3. vmfunc and friends are still doing a write up about it and trying to talk to persona about it.

https://x.com/vmfunc/status/2024100827510517891

vx-underground

> be nerds
> look into persona (used by discord)
> kyc (know your customer) service
> used for age verification
> search on internet (shodan)
> find weird server
> image 1
> openai-watchlistdb.withpersona
> openai-watchlistdb-testing.withpersona
> lolwtf
> look inside
> supposed to be behind cloudflare to hide ip
> openai messed up
> not behind cloudflare
> real ip shown
> using google cloud
> lookup cert history
> 2023-11-16 created
> 2024-02-28 gets cert
> 2024-03-04 prod goes live
> google stuff
> openai and persona partners
> partner around timeline of certs
> back to searching stuff
> find withpersona-gov
> look inside
> okta (image 2)
> lolwtf
> look inside
> website accidentally leaking stuff
> fedramp-private-backend-api
> look inside
> api .js accidentally exposed
> look inside
> wtf "SARInstructionsCard"
> wtf "app.onyx.withpersona-gov"
> wtf "FINTRAC"
> wtf "PrivatePartnershipProjectNameCodes"
> image 3
> wtf "AsyncSelfie"
> look inside
> openai, persona, send data to us gov
> feds map face to financial records
> map face using AI
> map face to ICE stuff
> api stores data for lots of stuff
> image 4

tl;dr persona kyc and openai are frens, using your selfie for verification and sending to ICE (or USGOV in general), using AI to tie to your financial records. see subsequent post for full write-up. its long and not mobile friendly

vx-underground

I'm sorry, CaptMag, I love you, dawg, but I audibly laughed when you initialized your unsigned integers (DWORD) to NULL.

If you want to get really technical, NULL on Windows is defined as zero, so it ... sort of ... makes sense, you are technically setting your unsigned integers to zero, but NULL is supposed to indicate an invalid pointer.

I have no idea how your IDE hasn't been screaming at you about this.

vx-underground

Apparently this account is large enough now where this is important news to people

Yes, people actually received this on Xitter

vx-underground

I'm currently:
- writing over 500,000,000 lines of code a day
- running 400 different agents
- building 9 different apps

My wife and her boyfriend are so proud of me. What's your excuse?

vx-underground

> be me
> long day at long day factory
> decide to relax
> open x
> it's the everything app
> click "For You"
> first post
> trans person crying
> say they're burden on family
> say they're being kicked out
> point camera at three bottles of pills
> open all bottles
> take all pills at once
> record their suicide
> x, the everything app

vx-underground

Before my son was born my wife and I read all these books and stuff on babies. We also took these fancy classes.

Literally none of them told us the baby would try to headbutt.

THEIR HEADS HURT. THEY HEADBUTT YOUR FACE

vx-underground

If Palantir was actually compromised DarkWebInformer or S0ufi4n3 would be shouting from the roof tops. They'd tell everyone.

They'd dig up the corpse of Queen Elizabeth II and scream in the skeleton's face Palantir has been compromised.

vx-underground

I'm not being rhetorical and I'm not trying to be critical. I see so many people discussing it and hyping it up. I've skimmed the documentation, reviewed some of the skills, but ... it JUST DOESN'T MAKE SENSE TO ME

I'm sitting here like, "why do I need an AI agent to respond to people on Discord or Slack or Telegram for me? What if it makes a mistake? What if someone abuses it?"

I don't understand the purpose and I don't place arbitrary trust into AI stuff. I'm not even being a hater, I can't wrap my head around this thing conceptually.

vx-underground

> be me
> snuggling with baby boy
> best feeling in world
> happy to be a Dad
> fall asleep
> sort of wake up
> feel baby boy wiggling
> "haha hes getting comfy"
> feel pressure on my eyes
> wtf
> move head a little
> feel pressure on eyes
> wake up
> open eyes
> baby boy staring straight into my soul
> hes breathing heavy
> trying to shove his little fingers in my eye sockets
> wtf.exe
> "what are you doing???"
> he laughs
> puts his fingers up my nose
> move head
> he laughs
> he leans in
> bites my face
> ????
