We did a spam test on Twitter. We got 21 spam replies in 30 seconds. It keeps climbing.
https://twitter.com/vxunderground/status/1778807528417116177
X (formerly Twitter)
vx-underground (@vxunderground) on X
please help me my metamask got hacked, I forgot my metamask password I need help with my homework
The spam bots are recursively replying to each other because their spam messages contain key words other spam bots use
tl;dr spam inception
https://twitter.com/rosenwells/status/1778809976930115626
X (formerly Twitter)
jimmy "fortnite" entrails (@rosenwells) on X
@vxunderground my account got hacked i need a sugar daddy my metamask trust wallet got hacked btc i want bitcoin i need someone to write my essay need a logo need a banner got suspended from fb i need xbox 360 login to metamask twitter account got banned…
Hello, how are you?
Hard drives are back in stock. Merch store is back open for a limited time.
https://www.vx-underwear.org/
Today we spoke with RansomHub ransomware group.
Their representative immediately wanted to dispel any rumors of them being a potential rebrand of ALPHV ransomware group - they assert they're victims of the ALPHV exit scam. They appear to be hyper-aware of these allegations, suggesting they're (probably) on social media and actively monitoring discussions regarding their group.
Additionally, they shared with us various documents which illustrate possession of sensitive data from the United Healthcare Group breach.
* We are unable to verify the authenticity of these documents. However, we do not question the validity of the documents shown. We believe the data to be real.
* There is currently no concrete evidence to suggest RansomHub is a rebrand of ALPHV. Currently accusations of them being a rebrand primarily revolve around the time of their initial launch and 'gut feelings'. To the best of our knowledge there is not any other publicly available information which proves beyond a reasonable doubt this is ALPHV.
* No RansomHub ransomware group payload has surfaced online. We do believe it exists. They are either undiscovered or labeled TLP:RED and are not shared publicly. Some reports suggest the payload is written in Go, but no IOCs were shared.
* RansomHub would not share a malware sample with us. RansomHub would not provide us with photos or access to their ransomware affiliate panel. RansomHub told us they're currently re-developing (?) their ransomware payload.
Ubisoft has begun revoking the ability for people to play "The Crew" because they're shutting the servers down at the end of April.
The Crew has an offline single player option.
When people try to launch the game they're greeted with "You no longer have access to this game".
Here is your daily dose of LOLWTF
- Toyota Brazil ransomed by Hunters International ransomware group
- Department of Insurance, Securities and Banking ransomed by Lockbit ransomware group
- Probably like a dozen or so small businesses ransomed which are unable to afford cybersecurity software
- Hunters International ransomware group and RansomHub ransomware group are the flavor of the week
- Lockbit administrative staff yelling at affiliates to not give more than a 50% discount
- Windows 11 will start showing 'recommendations' which look very similar to ads, they don't say they're ads though just recommendations that you can disable if you look hard enough in your settings
- Ubisoft revoking gamers' abilities to play The Crew 1 because they shut down servers, nerds rage because digital purchases aren't real purchases anymore
See you space cowboy...
vx-underground
Yesterday the Cyb3rAv3ngers contacted us - a group tied to the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC). Based on the events unfolding right now this message is suddenly very ominous
X (formerly Twitter)
Alexander Leslie (@aejleslie) on X
CyberAv3ngers unmasked.
@USTreasury sanctions six officials in the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) "responsible for a series of malicious cyber activities against critical infrastructure in the United States…
Today is a day for rest.
Enjoy your Sunday.
ok, 1 last schizo meme tech post (stolen from telegram) on the day of rest. sorry
Today on CBS News 60 minutes - Cyber Threat Intelligence experts went on national television to discuss ransomware. Most interestingly, during the airing of the segment, researchers discuss "the Com".
They highlight "JackIdiot", "Star Chat", "Flawless" and "Fresh"
The show also features the head of the FBI Cyber Crime division, Bryan Vorndran, and ex NSA Cyber Security director Rob Joyce.
You can watch the video here: https://www.cbsnews.com/news/cybersecurity-investigators-worry-ransomware-attacks-may-worsen-as-young-hackers-in-us-work-with-russians-60-minutes-transcript/
CBS News
Cybersecurity investigators worry ransomware attacks may worsen as young, Western hackers work with Russians
Cybersecurity investigators worry ransomware attacks may worsen as young, native-English speaking hackers in the U.S., U.K. and Canada team up with Russian hackers.
We have a lot of malware samples and malware papers to add. Unfortunately, due to IRL responsibilities this will not happen immediately.
To compensate for this setback we have drawn a shitty picture in MS-PAINT which could illustrate what could have been added
The Breach forum .cx has been suspended - as is tradition.
The .onion is still live - as is tradition.
A while back we heard rumors of a Telegram RCE 0day. We brushed it off as silly memes. Turns out the 0day was 100% real and you're all probably pwned.
It was unveiled on XSS. Nerds celebrated
(joking about pwned part... kind of)
More information: https://www.bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-used-to-launch-python-scripts/
BleepingComputer
Telegram fixes Windows app zero-day used to launch Python scripts
Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts.