We apologize if you visit vx-underground and you're greeted with a Cloudflare waiting room (queue system).
We've been getting DDoS'd for the past 7 hours+, the longest we've ever been DDoS'd
tl;dr toothbrush's all across the globe have begun attacking us
We've been getting DDoS'd for the past 7 hours+, the longest we've ever been DDoS'd
tl;dr toothbrush's all across the globe have begun attacking us
π€£187π€17β€βπ₯5π5π2π₯2π€―2π±2β€1
Hello,
As is tradition, we accidentally did an oopsie. Our search function is botched and downloads on files aren't working. We pushed some code to prod without actually testing if the file download part worked.
Testing code before pushing to prod is for nerds
Thanks,
As is tradition, we accidentally did an oopsie. Our search function is botched and downloads on files aren't working. We pushed some code to prod without actually testing if the file download part worked.
Testing code before pushing to prod is for nerds
Thanks,
π84π€44π«‘17π6π―6β€5π€£3π₯1
vx-underground
Hello, As is tradition, we accidentally did an oopsie. Our search function is botched and downloads on files aren't working. We pushed some code to prod without actually testing if the file download part worked. Testing code before pushing to prod is forβ¦
Problem has been resolved. Please continue downloading malware.
β€51π«‘14π10π8π6π€£4
Today James Forshaw (tiraniddo) did a quick assessment on the new Windows 11 Sudo.exe.
Despite his quick assessment, the blog post is wonderful. It is an excellent read. We recommend it:)
tl;dr fancier ShellExecute π
https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html
Despite his quick assessment, the blog post is wonderful. It is an excellent read. We recommend it:)
tl;dr fancier ShellExecute π
https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html
www.tiraniddo.dev
Sudo On Windows a Quick Rundown
Background The Windows Insider Preview build 26052 just shipped with a sudo command, I thought I'd just take a quick peek to see what it doe...
π€£47π12
Chainalysis' report indicates ransomware *payments exceeded $1,100,000,000 in 2023.
*Payments which are confirmed to be attributed to ransomware attacks, more attacks may not have been identified
More information: https://www.chainalysis.com/blog/ransomware-2024/
*Payments which are confirmed to be attributed to ransomware attacks, more attacks may not have been identified
More information: https://www.chainalysis.com/blog/ransomware-2024/
π±45β€13π10π6π₯°4π2β€βπ₯1π’1π€1
We've uploaded more malware samples to vx-underground.
InTheWild && Bazaar && VirusSign
It is over 100,000 new samples.
Please download them, they're very lonely and scared.
InTheWild && Bazaar && VirusSign
It is over 100,000 new samples.
Please download them, they're very lonely and scared.
β€44π₯°13π’5π€£2
We have begun archiving SEC Form 8K filings related to cyber-crime.
Archives are from the SECurityTr8Ker feed.
https://vx-underground.org/Archive/SEC%20Form%208K
Archives are from the SECurityTr8Ker feed.
https://vx-underground.org/Archive/SEC%20Form%208K
Vx Underground
The largest collection of malware source code, samples, and papers on the internet.
β€23π6β€βπ₯3π2
We've updated the vx-underground Windows malware paper collection
- 2019-02-15 - Understanding Windows x64 ASM
- 2023-12-31 - Compression using undocumented RDP APIs
- 2024-02-08 - Disabling System Event Logs with IDataCollectorSet
https://vx-underground.org/Papers/Windows
- 2019-02-15 - Understanding Windows x64 ASM
- 2023-12-31 - Compression using undocumented RDP APIs
- 2024-02-08 - Disabling System Event Logs with IDataCollectorSet
https://vx-underground.org/Papers/Windows
π€17π₯7β€6π4π’4β€βπ₯2π€2
Namecheap is currently experiencing a rather significant DDoS attack.
This attack is not impacting their products. It is effecting their primary domain and customer support.
This attack is not impacting their products. It is effecting their primary domain and customer support.
π’46π13π€4
October 24th, 2022 an account on Doxbin operating under the alias "pedohunters" released a lengthy article on an individual operating under the alias "Rabid" a/k/a "Rabid7997".
February 8th, 2024 the identity of "Rabid" was confirmed - the United States Department of Justice arrested Richard Anthony Reyna Densmore of Kaleva, Michigan.
The United States Department of Justice unveiled details of this individuals sadism - he forced children to perform acts of self-harm on Discord for sexual gratification.
Due to the severity of his crimes he is currently facing life in prison.
More information: https://www.justice.gov/usao-wdmi/pr/2024_0208_R_Densmore_Indictment
February 8th, 2024 the identity of "Rabid" was confirmed - the United States Department of Justice arrested Richard Anthony Reyna Densmore of Kaleva, Michigan.
The United States Department of Justice unveiled details of this individuals sadism - he forced children to perform acts of self-harm on Discord for sexual gratification.
Due to the severity of his crimes he is currently facing life in prison.
More information: https://www.justice.gov/usao-wdmi/pr/2024_0208_R_Densmore_Indictment
www.justice.gov
West Michigan Man Charged With Child Exploitation Offenses
Richard Anthony Reyna Densmore, a/k/a βRabid,β Claims Affiliation With Sadistic Child Abuse And Extortion Network
π64π41π11π±10π«‘8β€βπ₯3π3β€2π€©2π€£2
February 9th, 2024 the United States Department of Justice announced the arrest of two individuals behind WarzoneRAT.
- Daniel Meli, 27, of Zabbar, Malta
- Prince Onyeoziri Odinakachi, 31, of Nigeria
They are being charged with conspiracy, obtaining authorized access to protected computers to obtain information, illegally selling an interception device, and illegally advertising an interception device.
They are facing up to 20 years in prison.
More information: https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales
- Daniel Meli, 27, of Zabbar, Malta
- Prince Onyeoziri Odinakachi, 31, of Nigeria
They are being charged with conspiracy, obtaining authorized access to protected computers to obtain information, illegally selling an interception device, and illegally advertising an interception device.
They are facing up to 20 years in prison.
More information: https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales
www.justice.gov
International Cybercrime Malware Service Dismantled by Federal
The Justice Department announced today that, as part of an international law enforcement effort, federal authorities in Boston seized internet domains that were used to sell computer malware used by cybercriminals to secretly access and steal data from victimsββ¦
π€―34π«‘13π9π’3π±2π1π€£1
We've updated the vx-underground Windows malware paper collection
- 2021-07-23 - Modifying MS Office security warnings
- 2024-02-06 - Exploiting a vulnerable Minifilter driver to create a process killer
- 2024-02-08 - Deep Dive Into Exploiting Windows Thread Pools
- 2021-07-23 - Modifying MS Office security warnings
- 2024-02-06 - Exploiting a vulnerable Minifilter driver to create a process killer
- 2024-02-08 - Deep Dive Into Exploiting Windows Thread Pools
β€22
