Chainalysis' report indicates ransomware *payments exceeded $1,100,000,000 in 2023.
*Payments which are confirmed to be attributed to ransomware attacks, more attacks may not have been identified
More information: https://www.chainalysis.com/blog/ransomware-2024/
We've uploaded more malware samples to vx-underground.
InTheWild && Bazaar && VirusSign
It is over 100,000 new samples.
Please download them, they're very lonely and scared.
We have begun archiving SEC Form 8K filings related to cyber-crime.
Archives are from the SECurityTr8Ker feed.
https://vx-underground.org/Archive/SEC%20Form%208K
We've updated the vx-underground Windows malware paper collection
- 2019-02-15 - Understanding Windows x64 ASM
- 2023-12-31 - Compression using undocumented RDP APIs
- 2024-02-08 - Disabling System Event Logs with IDataCollectorSet
https://vx-underground.org/Papers/Windows
Namecheap is currently experiencing a rather significant DDoS attack.
This attack is not impacting their products. It is affecting their primary domain and customer support.
October 24th, 2022 an account on Doxbin operating under the alias "pedohunters" released a lengthy article on an individual operating under the alias "Rabid" a/k/a "Rabid7997".
February 8th, 2024 the identity of "Rabid" was confirmed - the United States Department of Justice arrested Richard Anthony Reyna Densmore of Kaleva, Michigan.
The United States Department of Justice unveiled details of this individual's sadism - he forced children to perform acts of self-harm on Discord for sexual gratification.
Due to the severity of his crimes he is currently facing life in prison.
More information: https://www.justice.gov/usao-wdmi/pr/2024_0208_R_Densmore_Indictment
February 9th, 2024 the United States Department of Justice announced the arrest of two individuals behind WarzoneRAT.
- Daniel Meli, 27, of Zabbar, Malta
- Prince Onyeoziri Odinakachi, 31, of Nigeria
They are being charged with conspiracy, obtaining authorized access to protected computers to obtain information, illegally selling an interception device, and illegally advertising an interception device.
They are facing up to 20 years in prison.
More information: https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales
We've updated the vx-underground Windows malware paper collection
- 2021-07-23 - Modifying MS Office security warnings
- 2024-02-06 - Exploiting a vulnerable Minifilter driver to create a process killer
- 2024-02-08 - Deep Dive Into Exploiting Windows Thread Pools
Dudes ransomed a small family owned bakery
Ransoming their way to $50 and a bag of freshly baked cookies
Forwarded from Ransomware News (VX)
Group: 8base
Approx. Time: 22:38 11/02/24
Title: LILI'S BROWNIES
We are deeply saddened to share that all of the Twitter bots and/or spam accounts sharing pseudo-pornography in their Twitter bio do NOT deliver malware :(
It just does a bunch of dumb redirects and eventually drops you off on some fake looking dating site
