vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/

vx-underground

🚨BREAKING🚨

Newly declassified and unsealed UFO documents, released by the Trump administration, suggest that weird looking rock you showed your friends in middle school was likely an old dog turd

Follow vx-underground for more updates

vx-underground

Students all across the world react to ShinyHunters

vx-underground

Students are reporting Canvas is back up. Your finals have been resumed. Yay!

vx-underground

Note: there is a 0% chance they're drone striked. I've only seen a nerd drone striked once. These are just angry normies who don't understand computers and are raging online.

vx-underground

ShinyHunters has successfully hit the big leagues.

ShinyHunters successfully disrupting exams, schooling, grading, government funded research projects, dissertation work, graduations, financial aid, financial loss, potentially immigration complications, and more, has elevated this from "a silly shenanigan" to "major national security incident" and being labeled as an attack on United States critical infrastructure.

If I had to guess, the FBI, NSA, CIA, DIA, CISA, ICE, and DOE are all involved due to the disruption of this.

This isn't the largest extortion campaign I've seen, but this is definitely in the top ten. This is what the kids call a "Certified Hood Classic".

vx-underground

ShinyHunters compromised Canvas (to a currently unknown extent) which resulted in a "this system has been compromised" to over 9,000 universities.

As ridiculous as that sounds, I'm not memeing. It has been speculated it is actually over 9,000 universities.

ShinyHunters is having their ALPHV moment. They're now going to get attention at a serious scale outside of the information security circle.

vx-underground

Poking Windows with a stick exploring really silly and overly complicated malware concept.

> need to enumerate windows
> use EnumWindows
> look inside
> Win32u!NtUserBuildHwndList
> shrimple
> need to get window attributes
> use IsWindowVisible
> look inside
> hWnd->style & WS_VISIBLE
> shrimple
> need to get super accurate screen coords
> documentation says DwmGetWindowAttribute
> DwmGetWindowAttribute better than GetWindowRect
> ok
> use DwmGetWindowAttribute
> look inside
> dwmapi!DwmGetWindowAttribute
> minimum supported client Vista
> forwards to user32!GetWindowCompositionAttribute
> minimum supported client Windows 7
> ???
> GetWindowCompositionAttribute just fills struct
> look inside
> win32u!NtUserGetWindowCompositionAttribute

Documentation says to use DwmGetWindowAttribute in dwmapi.dll but really just uses GetWindowCompositionAttribute in user32.dll and forwards to win32u.dll for syscall

DwmGetWindowAttribute works on Vista... but its forward to GetWindowCompositionAttribute needs at minimum Windows 7...

lol ok whatever man

vx-underground

> web article about unis
> 90% of students using ai to cheat
> uni educators and staff frustrated
> call for revolution of education
> critics say school is cooked now
> phd lady writes article about it
> look inside
> "its not x—its y"
> "why it matters"

vx-underground

> be United States Senate
> fast track legislation on ID verification for AI usage
> passed initial review unopposed
> bipartisan support
> need to be 18 years old to use AI
> realize Copilot comes with Windows

do we need to do age verification to use Windows ... ???

vx-underground

United States government is fast tracking legislation to do ID verification on AI usage.

Apparently AI is extremely dangerous to children and every AI product must perform age verification to ensure you're at least 18 years of age.

vx-underground

> saturday
> go outside
> go to event thingie
> talk with normal people
> them: "what do you do for a living?"
> answer question
> them:

vx-underground

One of these days remind me to show you my folder of shame.

I have probably a hundred or more failed malware ideas. When I have a malware idea I don't even label it correctly anymore. I have project names like "aaaaa", "aaaaa(1)", "dsthingie", "firewallstuff", "tmpproject".

It's mountains of failed code. I am the grand emperor of failure.

vx-underground

> be insurance, but for ai slop
> in case ai sends money to stranger or nukes prod
> fast forward
> "ai is conscious, bro"
> man goes on social media
> beep boop to grok
> grok (totally conscious) transfers $150,000 to stranger

IT'S AS THE PROPHECY FROM CORGI FORETOLD

vx-underground

Someone used AI prompt injection to crypto drain $150,000... from a tweet.

I would share the write-up and more information on it, but the person who did the write-up blocked me (I have no idea who they are).

Instead, have a picture of the write-up so you can look them up.

vx-underground

Here's the thing no one wants to tell you about AI:

1. It's the world's largest Python script
2. It runs on Linux, Windows Defender slows it down
3. It uses lots of numbers (nobody knows why)
4. It requires a bunch of GPUs (for gaming)
5. No, you can't have sex with it

vx-underground

ShinyHunters got access to Canvas infrastructure from ... "Vishing".

Social engineering.

WHY IS IT ALWAYS FUCKING SOCIAL ENGINEERING

vx-underground

Oh, only some are back up. Not all.

Nevermind. Please continue suffering and panicking

vx-underground

I can assert with a high degree of confidence ShinyHunters did not exfiltrate highly sensitive information.

Based on information I've received the primary information stolen from the schools is student names and email addresses. Furthermore, this has been confirmed by various media outlets.

This in and of itself isn't bad.

The primary issue with this however is that it would expose children in K-12 online (first and last name). Adults having their full legal name and email address online is something you could (probably) find on LinkedIn or a university directory. Adults will be ignored if data is leaked. K-12 will be a nightmare. Hence, educational institutions must put together a strategy to handle a K-12 potential data leak.

Presumably parents will be outraged and this will inevitably result in a lawsuit against the schools or Canvas.

The much larger issue however is the catastrophic damage ShinyHunters has done to Canvas, both operational and reputational.

Exfiltrating data from a compromised host is as simple as initializing a file transfer. The question then: why is Canvas still "in maintenance mode"? The only logical conclusion is ShinyHunters did SOMETHING to prevent Canvas from working as intended.

This places Canvas in a terrible, terrible, terrible position. Their service has resulted in minors having their names (potentially) leaked and educational institutions can't use the platform they pay for. Furthermore, this makes major educational institutions look like a bunch of morons.

Students are paying top dollar for an education and suddenly ... poof ... a good chunk of their work or study material has vaporized because it was stored in a 3rd party platform outside the control of the educational institution.

Basically, the data breach itself isn't bad except the K-12 part. The operational impact is devastating and the fallout will be a nightmare. Canvas employees are probably scrambling, their cybersecurity team is probably having panic attacks, and executive leadership is probably drunk right now screaming at the wall.

vx-underground

On social media parents are outraged and are commenting they want the United States to respond MILITARILY.

They're unironically calling for Hegseth to authorize military action against ShinyHunters and DRONE STRIKE them.

Holy cow

vx-underground

I briefly spoke with "Shiny" online. He wouldn't give me any information on the compromise.

I tried advanced interrogation tactics (silly pictures of cats) and he still wouldn't tell me anything.

smh

vx-underground

Lab52 released a paper on APT29 and suspected state-sponsored computer espionage by the Russian Federation targeting Spain

I was going to read the paper, but then I saw it's 142 pages

This is a book bro wtf

vx-underground

if i shared my opinion on this i would be suspended from social media

vx-underground

One of my good friends was deployed to the Middle East about 17 years ago.

He did a 6 year stint in the military.

He got out and had some mental health issues and had problems integrating back into the world outside the military.

After nearly 8 years of struggling with PTSD, depression, anxiety, and alcohol issues, I'm happy to share he's finally got his head back on straight.

He told me he's attending university for cybersecurity. He got himself a really nice girlfriend who seems very supportive of him. He's got a nice home to call his own.

He's doing really, really good. It all worked out.

Proud of my boy.

vx-underground

As is tradition, it's total bullshit. The United States government doesn't care about children. It's yet another privacy violation.

vx-underground

Read some news articles today that people from the United States government met with various faith leaders across the United States on April 27th for a secret meeting

Faith leaders disclosed that the United States spooky people told them that the Trump administration will soon be unsealing various documents about UFOs.

Supposedly the United States will be releasing documents so profound it may cause a religious crisis in the United States (and the world). Faith leaders said the spooky government people talked about space reptiles and stuff.

Is any of this true? I have no idea. It's from Daily Mail, MSN, some various social media profiles, and speculative thinking from Donald Trump's social media posts.

Excited to see what happens. Realistically however, it'll probably be mildly interesting, everyone will discuss it for a few days, then a large majority will forget.

vx-underground

GitHub is for nerds.

Share your code as a text file on some shitty HTML site.

It's what God would want

vx-underground

I've got a really silly idea for malware.

Windows 11 now has Windows.Graphics from the Windows Runtime API.

You can use it for taking screenshots. It's supposed to be better than the native WINAPI method because something about GPU rendering stuff, I don't know, I can't remember.

Anyway

Windows 11 also ships with an OCR library from the Windows-something-something in the WinRT as part of their AI stuff.

The point being: I think I can take a fancy screenshot of an application, like Slack, Microsoft Teams, or Discord, using WinRT then use WinRT to OCR it into readable and parseable text from C/C++

It is basically a really convoluted way to do keylogging or espionage, or whatever.

For extra flavor, use WinRT to upload the OCRd text to a remote host. Why do this instead of WinHTTP or Windows Sockets? Literally no reason other than curiosity. I have no idea how this would appear under the scope of an EDR.

Sometimes you need to try silly things.

vx-underground

It's always interesting to scroll social media and find an account who blocked me.

I'm like, "dayum, this person HATES ME and I have no idea who they are or what I did".

In all fairness, I do post some dumb shit, so it's completely understandable.

vx-underground

Did your slop Python script accidentally transfer $10,000,000 to a stranger?

Did your vibe coded app accidentally leak 300,000 people's phone numbers, e-mail addresses, and passport?

Don't worry, fam. The folks over there at ... Corgi ... now provide AI insurance.

vx-underground

I also got a shit load of DMs but I don't have the willpower to read and reply. Some of you write GIANT messages and it makes my brain hurt (I'm dumb as hell)
