vx-underground
Recently we've had a few companies contact us about doing sponsored tweets. They see our engagement rates and likes on posts. They don't see that a majority of our follower base is criminals, weebs, degenerates, Linux users, and C programmers
*GNU/Linux, sorry
vx-underground
Recently we've had a few companies contact us about doing sponsored tweets. They see our engagement rates and likes on posts. They don't see that a majority of our follower base is criminals, weebs, degenerates, Linux users, and C programmers
We're C programmers
In Honor of World Password Day we would like to inform all of you that the password is "infected"
Thanks
17 days away from 5 year vx-underground anniversary
Yesterday evening The Post Millennial, a Canadian conservative news website, was compromised. The landing page was defaced, displaying the transgender flag, as well as making a satirical post mocking conservative author and social media commentator Andy Ngo.
The Threat Actor(s) responsible for the compromise leaked information on 39,850 subscribers to the website. The leaked information includes:
- Gender
- Name
- Display name
- Nick name
- E-mail address
- Phone number
- Address
- Password
- Subscriber details (payment information)
- 'Daleted' - a boolean field incorrectly spelled
and more...
Passwords are in plain text. Payment information does not display credit card information. Payment information displays preferred payment method (e.g. PayPal, Credit Card, Debit Card) and currency used (e.g. CAD, USD). Some fields are optional such as telephone number or address. Additionally, this leak unveils some information on government representatives across the globe - including United States government personnel. This displays their contact information in plain text.
Also, the Threat Actor(s) leaked information on authors for The Post Millennial editors. We are not sure on the validity of this data, unless this website has 761 editors. Editor information disclosure shows:
- Username
- IP Address
- Phone number
- Country
- Email address
- Name
Image 1. Snippet of leaked subscriber information
Image 2. Snippet of leaked editor information
Image 3. Defaced website and satirical post
vx-underground
Yesterday evening The Post Millennial, a Canadian conservative news website, was compromised. The landing page was defaced, displaying the transgender flag, as well as making a satirical post mocking conservative author and social media commentator Andy Ngo.…
Note:
* No Threat Actor(s) have taken credit for the compromise
* Individuals reviewing the data suspect the parent company, Psyclone Inc, may have been the initial access point. Evidence supporting this is debug data present in The Post Millennial database dump as well as adjacent website HumanEvents going offline - however this still remains speculation.
When we're coding we like to listen to gangster rap (it makes us feel cool and dangerous)
vx-underground
When we're coding we like to listen to gangster rap (it makes us feel cool and dangerous)
Note:
Other members of vx-underground listen to weird techno music that sounds like it belongs in an anime. Other members, such as Bradley, don't listen to anything so they can focus (he is probably a serial killer)
vx-underground
When you're a degenerate nerd but corporate asks you to go to a conference
(we're not the fancy smart looking dude in the suit)
Thank you to the people who enjoy calling us 'fart faces' and 'stinky' from compromised government e-mails. It's fun:)
It's also painstakingly obvious that less-developed countries run rampant with stealer malware and it poses a serious security threat
vx-underground
Thank you to the people who enjoy calling us 'fart faces' and 'stinky' from compromised government e-mails. It's fun:) It's also painstakingly obvious that less-developed countries run rampant with stealer malware and it poses a serious security threat
These government e-mails, which can used for social engineering, can be sold for as low as $1 - in some cases they're free because of how many are available.
tl;dr their problem is your problem because they will use it against your company or end users
vx-underground
These government e-mails, which can used for social engineering, can be sold for as low as $1 - in some cases they're free because of how many are available. tl;dr their problem is your problem because they will use it against your company or end users
which can be used***
typos are cool and badass
Underground ransomware group, a relatively new group which first appeared roughly March 21, 2024, has claimed to have ransomed Synology.
Synology is a Taiwanese corporation that specializes in network-attached storage appliances. Many nerds are familiar with them.
Underground ransomware group claims to have exfiltrated 51GBs of data. Upon review of leaked data snippets it appears they've primarily exfiltrated data off of user workstations. It is also in German. We aren't going to translate German into English (it's Saturday) - so we can't weigh in on the validity or the value of the data.
Interestingly, the date of the data shows 2023-07-18. We aren't sure if they've had access to Synology for several months, or they've simply grabbed older data.
Unlike most traditional ransomware groups they also have a Telegram channel.
vx-underground
Underground ransomware group, a relatively new group which first appeared roughly March 21, 2024, has claimed to have ransomed Synology. Synology is a Taiwanese corporation that specializes in network-attached storage appliances. Many nerds are familiar…
Update:
Someone asked for a comment from Synology. Synology confirmed they were targeted by (what they believe to be) a spear-phishing campaign in April, 2023.
tl;dr the data is old. No ransomware was deployed. The company is not impacted.
Yesterday (or whenever, we don't care enough to get the exact date) F-Society ransomware group claimed to have compromised Bitfinex.
This compromise is a hoax. Bitfinex was not compromised. The 'stolen data' is just a list of username:password combinations from GitHub.