vx-underground
49.4K subscribers
4.33K photos
469 videos
84 files
1.53K links
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
We've had people contact us who have read nearly every single paper in the vx-underground corpus - thousands upon thousands of malware papers.

vx-underground is a malware monastery and we are producing next-generation malware monks.
There have been some updates to the Pompompurin court case.

The United States Magistrate Judge John F. Anderson has authorized the usage of mass victim notification via a case-specific web page on the Eastern District of Virginia website.

tl;dr getting his own webpage😎
POV: you're talking to someone obsessed with privacy and online anonymity
Lockbit ransomware group has created their first MacOS-based payload. We believe this is the first time a large ransomware threat group has developed a payload for Apple products.

We have samples.

Intel via malwrhunterteam & BrettCallow

Download: https://samples.vx-underground.org/samples/Families/LockBitRansomware/Samples/
It appears we are late to the game. The MacOS variant has been available since November 11th, 2022.
Based on the tsunami of information we received:

1. The Lockbit MacOS ransomware is real. Lockbit has confirmed this.

2. People speculate it is incomplete. The MacOS payload is riddled with bugs - including a good ol' buffer overflow.

3. It is Sunday. We'll see you nerds later
πŸ‘45🫑15❀4πŸ”₯3
Unable to bypass UAC? Spam UAC prompt until the user presses 'Yes'.
ALPHV ransomware group appears frustrated with Western Digital
Today Microsoft announced they're changing the way they name and label threat groups. The new naming convention now aligns with "the theme of weather".

The new names are absolutely ridiculous and we are having a difficult time taking it seriously

See attached images for examples
TA505, the group believed to be behind the Dridex Banking Trojan, Locky ransomware, and GlobeImposter ransomware, has been renamed internally at Microsoft Threat Intelligence.

TA505 is now known as Spandex Tempest
We've updated the vx-underground malware collection.

- Virusshare.00466
- Updates to the Redline family
- Updates to the Magniber family
- Updates to the xLoader family
- New family added: Mmon

Check it out here: https://www.vx-underground.org/malware.html
No major updates today. We are busy.

Please accept this image of a cat as a token of an apology.
The 3CX supply chain attack was the result of a previously undiscovered X-Trader supply chain attack.

The 3CX CEO wasn't lying about an upstream vendor being the result of the compromise.

tl;dr supply chain attack to supply chain attack

More information: https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise
February 21st, 2023, ALPHV ransomware group informed their affiliates of a new 'product' update.

Their new ransomware variant is named Sphynx.
πŸ‘14🫑7πŸ”₯2❀1
We've updated the vx-underground malware sample collection. We have added new samples for the following families:

- Nanocore
- AsyncRAT
- NetwireRAT
- AgentTesla
- LokiBot
- Formbook
- CobaltStrike
- NjRat
- Chaos Ransomware

Check it out here: https://samples.vx-underground.org/samples/Families/
You can subscribe to vx-underground Blue™ for only $5.99/month.

Nothing is different, but you get to wear a dunce hat.
Today someone stole 3,600lbs (1632kg) of Gold from the Toronto Pearson Airport. It is valued at roughly $100,000,000.

The police currently have no suspects. Unrelated to malware of course, but such a ballsy heist is impressive.

More information:
https://www.cbc.ca/news/canada/toronto/gold-heist-pearson-airport-toronto-1.6817345
An unknown Threat Actor has compromised the European Union's web domain and is using it to distribute Fortnite V-Bucks scams...

They've also compromised 15 other high-profile websites. See full list in attached image below.

Information via g0njxa and Gi7w0rm