40629
The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/
Just did a totally awesome April Fools prank
I totalled my Dad's car by crashing it into a telephone pole going 72mph
Haha I got him so good, dumbass doesn't even know what's coming
I want you to know it physically hurt me to write like this. The cringe was so immense I could feel my body buckling under the cringe pressure.
I have no idea how Elon Musk unironically speaks like this still.
Chat, look what images just appeared ON THE DARK WEB (Telegram, where all crime happens on the internet apparently). ShinyHunters posted it.
Is this actual stuff from the alleged Cisco data compromise as a result of the Trivy supply chain attack? Are these images unrelated? How sensitive is this data? How is ShinyHunters involved with TeamPCP? Is this even real?
Find out on the next action packed episode of Dragon Ball Z
Whoa
Core audience (my nerds and stinky internet degenerates), I made a post about an hour ago intended for my nerd homies about family shenanigans. I thought it was kind of funny, mildly interesting.
It somehow escaped core audience at a high rate of speed and some really weird people were making some really weird comments.
We got supply chain attacks, malware, and premium pictures of kitty cats, we do not have time for non-nerds stinking up the place.
Yikes.
Anyway, more updates on silly internet stuff soon. It involves malware and will include a picture of a cat.
Cheers
1. This isn't fake.
2. Credentials are stored as hashes. It should be literally, with no exaggeration, impossible for a vendor to know your credentials while uppercase UNLESS they weren't storing passwords as hashes.
What the fuck is HSBC India doing?
Big shenanigans on the internet today as Threat Researchers speperhypothulate that the Threat Actor responsible for the Axios supply chain attack may have accidentally DoS'd their own infrastructure from the volume of data coming in
Pathetic
Hello to all my Telegram friends who messaged me about Axios supply chain attack.
I'm well aware it happened. Here is reaction when it occurred in near real-time
Dawg, I saw some stinky nerds discussing this recently identified malicious NPM package
This is, by a significant margin, some of the worst malicious code I've ever seen. I don't mean 'worst' as in dangerous, I mean this code is HOT garbage
https://socket.dev/npm/package/3-ways-how-to-get-free-gems-in-clash-of-clans834/files/1.0.2/package%20gene.py
People living inside my computer,
I have updated the website which apparently most of you didn't know existed
I collect malware source code, samples, papers, and builders.
I've added more malware, I've stopped counting, but it's a big number
https://vx-underground.org/Updates
Someone unironically recommended I buy a children's book on cybersecurity to read to my son.
I will not subject my son to computer shenanigans. He must forge his own path. His happiness is more important than legacy.
Malware is illegal and for nerds
As a malware nerd, I am so unimaginably tired of hearing about Stuxnet.
At this point it's propaganda by the United States to showcase supposed American superiority.
I refuse to believe that is the only state-sponsored malware campaign people know about or reference
Also, I'm not a European, so I don't understand the humor, but I see a bunch of people blaming Romanians. As an American I do not understand it, but apparently this is big humor for Europeans
Читать полностью…
"I'd eat them".
False. That is impossible.
1 KitKat weights approx. 45g.
1lbs is approx. 450g.
Approx. 10 KitKats in a lbs.
12 tons is 24,000lbs.
That is roughly 240,000 KitKats
1 KitKat is approx. 230 calories.
That is approx. 55,200,000 calories.
The daily recommended calorie intake for an adult is 2,000 calories.
55,200,000 calories is 27,600 days of ideal calorie intake, or roughly 75 years.
The streets are speaking [1] and word on the street is ShinyHunters dislike TeamPCP [2]
[1] The streets is stinky nerds wearing Naruto pajamas in internet chatrooms
[2] It is alleged ShinyHunters call TeamPCP "SkidPCP", a very unique and novel insult
Haha I just pulled off the most totally epic and based le prank xD
I just detonated ransomware on my works domain controller. Haha man, this is going to be such an epic prank.
April 1st for the win!!! My boss is gonna be all like FUUUUUU-
haha PWNED
This is about Twitter. I had fat Americans commenting, yapping about nonsense and talking about GOD. Weirdos
Читать полностью…
I'm sorry for yelling and the bad words. It has been a very intense 1 week and 2 days.
It has been so dramatic it borders on some kind of sadistic comedy piece
I've seen some conversations online that suggest HSBC India has been transforming credentials with ToUpper prior to hashing. Now with a new code base, or something, in place users must now type in all upper case to account for the previous implementation
Okay, if that is true, isn't that a colossal fuck up? They were stripping case sensitivity while also telling users they need uppercase and lowercase letters? What the fuck is going on over there?
I wanted to say propose, speculate, theorize, hypothesize, but I couldn't pick a word, so I made up speperhypothulate. I'm basically Shakespeare
Читать полностью…
Here is another one of my reactions (I was in bed)
Читать полностью…
This dumb son of a bitch hardcoded the username 'Administrator' because that is (probably) the username on his (or her) machine. You're supposed to resolve the username with %USERPROFILE%, ya fuckin' goof
Читать полностью…
ShinyHunters is ransoming ... HALLMARK CARDS
Those fucking shitty birthday cards you pick up at the drug store ARE BEING HELD RANSOMWARE
WHO RANSOMS BIRTHDAY CARDS
(info via AlvieriD)
However, if he wants to malware, I will super charge his brain and inject everything I know about malware and computer shenanigans into his skull and hope he exceeds me in every way possible.
Читать полностью…
Back in '84, nerds were developing this stuff with documentation printed on paper back they received physically in the mail.
The crowd collectively shit their pants in awe that someone was capable of doing this.
I just shit my pants thinking about it
It's funny stuff. When you reside in the United States (and presumably Europe) you always read about the Russian Federation or Chinese government performing cyber state-sponsored operations. It makes us look like a bitch who is getting bullied.
But then you cross the pond on the internet and take a look around and you're like, "hehe ya, we're doing it too actually, our cybersecurity companies just dont discuss it"
Okay, before I make a silly post have some context. Rostelecom is the largest telecommunication company in Russia. If you're in the United States, Rostelecom is basically like their AT&T or Verizon. Anyway, Rostelecom has a Cyber Threat Intelligence division called "Solar Group".
Solar Group releases papers frequently on threats (specifically in the malware domain) targeting the Russian Federation.
I enjoy reading it because, as a person residing in the United States, my Threat Feed is usually threats facing people in the United States (or allies of the United States). Reading threats facing the Russian Federation I'm like, "oh no shit? yall too? lmfao das crazyyyy".
My absolute favorite though is reading papers from Chinese or Russian cybersecurity companies where they accuse the United States government of state-sponsored malware campaigns and the United States government is like, "pfffft? Me? No way, dawg. I'm A CHRISTIAN. You ARE THE BAD GUYS. We go to Church EVERY SUNDAY".
Then both the Russian Federation and Chinese government go like: ">:( u bitch"
But then they do the same thing to us, so it's whatever I guess. We're all doing silly shenanigans on the internet.
An example of the silly shenanigans is a Threat Actor who has compromised various law enforcement agencies in the Russian Federation. This Threat Actor is named "Eagle Werewolf" (what country uses the Eagle?).
Eagle Werewolf has been compromising law enforcement agencies in the Russian Federation, specifically exfiltrating data related to internal case files, active investigations, operational plans from law enforcement agencies, and any information on who the Russian Federation is actively investigating. Eagle Werewolf also appears to be attempting to map internal infrastructure and organization hierarchy (who is who in law enforcement, supervisors, general employees, etc).
That's weird. Why would this mysterious "Eagle Werewolf" want this information? Hmmmmm?
March 20th: 15 TONS of gummy candy stolen from semi-trailer in Germany
March 29th: 12 TONS of KitKat bars stolen from Truck leaving Italy en-route to Poland
Who are you people?
What the fuck is going on in Europe?
Who steals 12 TONS of KitKats? What do you even do with that many KitKats?