40630
The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/
> "DONT DO THIS!!! THIS IS A FELONY!!!"
No shit, Sherlock. It's satire
Yesterday ALPHV ransomware group listed Advarra, a clinical research technology company
Advarra told ALPHV quote "We do not pay digital terrorists". Additionally, ALPHV tried contacting one of their executives via text message. She told ALPHV "go fuk yourself"
😂😂😂😂😂
In the spirit of Halloween we will share something with you that is truly terrifying.
*Yes, this is real game made by EA
We've updated the vx-underground malware source code collection on GitHub.
Yesterday the source code to banking trojans Android.Hook and Android.Ermac were leaked online.
*Hook is the successor to Ermac
*Thanks to 3xp0rtblog for the code
https://github.com/vxunderground/MalwareSourceCode
Christmas is coming early for Android malware fans.
Читать полностью…
There's been a bit of a debate lately about "whoami.exe".
Читать полностью…
Around July, 2023 an individual operating under the alias "Blue" and "Trout", successfully phished someone and stole $213,000 from the victim.
They subsequently paid a group of men to dance and thank the victim for the money.
We received our latest paycheck from Twitter. It is a mind boggling $39.36.
We do not believe this is sufficient enough to donate to a non-profit. Instead we will use this to giveaway 3 copies of Black Mass Volume II.
We will share information on this giveaway later.
We were just informed that a member of vx-underground lost two family members in Maine yesterday. A cousin and a nephew were the victims of a very sick person.
We will be inactive for the next couple of days.
Another 116,024 malware samples queued and ready for upload into the VXDB 🫡
*Our VXDB is free for everyone to use
*You can download and search samples
*Bulk download coming (eventually)
https://virus.exchange
Amazon is offering 9% off on Black Mass Volume II right now.
It's not much, but it's something.
It's 2023. What the hell is going on over there in Australia?
Читать полностью…
Windows has 3 different types of boolean values.
typedef int BOOL
typedef BYTE BOOLEAN
typedef short VARIANT_BOOL
*BYTE is defined as an unsigned char
When setting VARIANT_BOOL you cannot use TRUE or FALSE. You need to use VARIANT_TRUE or VARIANT_FALSE
Have a nice day.
The vx-underground podcast - but instead of discussing anything technical or meaningful we mumble incomprehensible nonsense for an hour and express our misanthropy in form of creative dance
Читать полностью…
Yeah, we got compromised by APT29, but luckily MalwareBytes™ FREE AV stopped the Kremlin in their tracks! To be extra safe, we swung by the local Hilton Hotel and used their WiFi to install it
Читать полностью…
This one simple trick will land you a job anywhere
Читать полностью…
We keep getting pinged. Yes, Boeing has been removed from Lockbit ransomware groups website.
Lockbit administrative staff informed us they removed Boeing because negotiations have begun.
We don't know anything else. It is Halloween. Cya nerds tomorrow. We're busy.
ZachXBT, an independent cryptocurrency investigator who monitors and tracks cryptocurrency scams, shared ANOTHER video of cryptocurrency thieves taunting him.
The sign says "Fuck ZachXBT. Chards"
That's 3 videos now 😭
Sim swappers and crypto drainers seem to dislike ZachXBT. We received an anonymous message today with this video.
Читать полностью…
(there's 100% more unique ways, but this is meant to be funny and illustrate the possibilities other than whoami.exe, please do not start with the ACKCHYUALLY)
Читать полностью…
ZachXBT, an independent cryptocurrency investigator who monitors and tracks cryptocurrency scams, received a video from a group of scammers. They got full bottle service last night, somewhere in Canada, and held a sign taunting him with "ZachXBT is watching".
Читать полностью…
Yesterday Lockbit ransomware group listed Boeing on their victims list. Boeing is a multinational American company with an estimated annual revenue of $66,610,000,000. They have over 150,000 employees worldwide. Boeing serves both the public and private sector.
We spoke with Lockbit ransomware group administrative staff yesterday regarding Boeing. They informed us that they have not yet spoke with a representative from Boeing and they will not disclose any information to us about Boeing - more specifically they would not give us insights into how long they had access to Boeing, how much data was exfiltrated, what kind of data was stolen, etc.
Lockbit stated their ransomware affiliate got access using a 0day exploit. However, Lockbit would not elaborate further on this exploit hence we cannot verify the legitimacy of these claims.
It is also probably worth noting that most victims listed by Lockbit are given 10 days (or more) to begin negotiations. Lockbit gave Boeing less than 6 days
Sometime in 2021 we were contacted by an incredibly angry person. He was upset we did not 'defang' our malware samples.
He informed us he executed ransomware on his host machine and all of his data was locked.
July 19th, 2010: Siemens PCS forum discussing Stuxnet
Читать полностью…
Ccleaner was compromised and (limited) user data was exfiltrated. Luckily they're offering BreachGuard for 6 months! That's good, right?
... right?
Image via troyhunt
We are actively working on a guide for enterprise environments. It is titled: Prevention, Extortion, 'n' Information Security.
Here is a preview:
Everyone knows Russians can't visit Hilton Hotels. They're too decadent. They instantly explode and turn into sand.
Читать полностью…
We've updated the vx-underground Windows malware paper collection
- 2022-03-11 - AV and EDR Evasion Using Direct System Calls
- 2023-04-18 - Process injection in 2023 - evading leading EDRs
- 2023-07-25 - Prefetch - The Little Snitch That Tells on You
https://vx-underground.org/