vx-underground
When you're a degenerate nerd but corporate asks you to go to a conference
(we're not the fancy smart looking dude in the suit)
π―53π€£28π±7π€6π’3β€1π€―1
Thank you to the people who enjoy calling us 'fart faces' and 'stinky' from compromised government e-mails. It's fun:)
It's also painstakingly obvious that less-developed countries run rampant with stealer malware and it poses a serious security threat
It's also painstakingly obvious that less-developed countries run rampant with stealer malware and it poses a serious security threat
π60π€£31π’7π5β€3π3π―3
vx-underground
Thank you to the people who enjoy calling us 'fart faces' and 'stinky' from compromised government e-mails. It's fun:) It's also painstakingly obvious that less-developed countries run rampant with stealer malware and it poses a serious security threat
These government e-mails, which can used for social engineering, can be sold for as low as $1 β in some cases they're free because of how many are available.
tl;dr their problem is your problem because they will use it against your company or end users
tl;dr their problem is your problem because they will use it against your company or end users
π59π18π’4
vx-underground
These government e-mails, which can used for social engineering, can be sold for as low as $1 β in some cases they're free because of how many are available. tl;dr their problem is your problem because they will use it against your company or end users
which can be used***
typos are cool and badass
typos are cool and badass
π€42π11
Underground ransomware group, a relatively new group which first appeared roughly March 21, 2024, has claimed to have ransomed Synology.
Synology is a Taiwanese corporation that specializes in network-attached storage appliances. Many nerds are familiar with them.
Underground ransomware group claims to have exfiltrated 51GBs of data. Upon review of leaked data snippets it appears they've primarily exfiltrated data off of user workstations. It is also in German. We aren't going to translate German into English (it's Saturday) β so we can't weight in on the validity or the value of the data.
Interestingly, the date of the data shows 2023-07-18. We aren't sure if they've had access to Synology for several months, or they've simply grabbed older data.
Unlike most traditional ransomware groups they also have a Telegram channel.
Synology is a Taiwanese corporation that specializes in network-attached storage appliances. Many nerds are familiar with them.
Underground ransomware group claims to have exfiltrated 51GBs of data. Upon review of leaked data snippets it appears they've primarily exfiltrated data off of user workstations. It is also in German. We aren't going to translate German into English (it's Saturday) β so we can't weight in on the validity or the value of the data.
Interestingly, the date of the data shows 2023-07-18. We aren't sure if they've had access to Synology for several months, or they've simply grabbed older data.
Unlike most traditional ransomware groups they also have a Telegram channel.
π€£67π₯9π€4β€2
vx-underground
Underground ransomware group, a relatively new group which first appeared roughly March 21, 2024, has claimed to have ransomed Synology. Synology is a Taiwanese corporation that specializes in network-attached storage appliances. Many nerds are familiarβ¦
Update:
Someone asked for a comment from Synology. Synology confirmed they were targeted by (what they believe to be) a spear-phishing campaign in April, 2023.
tl;dr the data is old. No ransomware was deployed. The company is not impacted.
Someone asked for a comment from Synology. Synology confirmed they were targeted by (what they believe to be) a spear-phishing campaign in April, 2023.
tl;dr the data is old. No ransomware was deployed. The company is not impacted.
π€£53π«‘8π3
Yesterday (or whenever, we don't care enough to get the exact date) F-Society ransomware group claimed to have compromised Bitfinex.
This compromise is a hoax. Bitfinex was not compromised. The 'stolen data' is just a list of username:password combinations from GitHub.
This compromise is a hoax. Bitfinex was not compromised. The 'stolen data' is just a list of username:password combinations from GitHub.
π€£77π8π6π3π―2π’1
vx-underground
Yesterday (or whenever, we don't care enough to get the exact date) F-Society ransomware group claimed to have compromised Bitfinex. This compromise is a hoax. Bitfinex was not compromised. The 'stolen data' is just a list of username:password combinationsβ¦
If you or someone you know recently commented on this situation without verifying the validity of the data please deploy one (1) monkey bonk.
Thanks,
Thanks,
π€£89π9π7π5β€2
Hello, how are you?
We hope everyone had a good week and is enjoying their weekend thus far. Today is the day of rest.
Enjoy your Sunday.
We hope everyone had a good week and is enjoying their weekend thus far. Today is the day of rest.
Enjoy your Sunday.
β€105π₯°12π«‘8π₯6π2π’1π€£1
Telegram nerds,
Per request (multiple requests...) we will enable comments on posts on Telegram. We will do it some time next week, whenever we get around to it. Please try to keep it civil (we know you won't, you're all a bunch of degenerates, but please try).
Have a nice day.
Per request (multiple requests...) we will enable comments on posts on Telegram. We will do it some time next week, whenever we get around to it. Please try to keep it civil (we know you won't, you're all a bunch of degenerates, but please try).
Have a nice day.
π€198β€58π41π€£31π17π«‘15π±8π€©7π―6π₯°5π€―4
Today Lockbit ransomware group's website has been seized (again).
The new server hijack mocking asks Lockbit ransomware group administrative "What have we learned?" and states they will unveil more identities of ransomware operators behind Lockbit (possibly the leaders too)
The new server hijack mocking asks Lockbit ransomware group administrative "What have we learned?" and states they will unveil more identities of ransomware operators behind Lockbit (possibly the leaders too)
π€£149π11π€10π’4β€3π3
vx-underground
Today Lockbit ransomware group's website has been seized (again). The new server hijack mocking asks Lockbit ransomware group administrative "What have we learned?" and states they will unveil more identities of ransomware operators behind Lockbit (possiblyβ¦
It is the day of rest. However, the FBI and NCA UK apparently do not believe in this. We are upset by this. Both organizations can now redeem one (1) monkey bonk at their time of choosing.
π€£100β€11π₯°5π4π1
vx-underground
It is the day of rest. However, the FBI and NCA UK apparently do not believe in this. We are upset by this. Both organizations can now redeem one (1) monkey bonk at their time of choosing.
This media is not supported in your browser
VIEW IN TELEGRAM
Nevermind, they got bonked now β was enjoying some ice cream and watching Brooklyn Nine-Nine until nerds began blowing up the phone.
π«‘77π€£24β€9π―4π2
This media is not supported in your browser
VIEW IN TELEGRAM
FBI and NCA UK right now after seizing Lockbit ransomware groups website for a 2nd time ππ
π72π€£37π4π€3
Today we spoke with Lockbit ransomware group administrative staff regarding the return of the old domain and new messages from FBI, NCA UK, and EURPOL.
Lockbit ransomware group states law enforcement is lying.
Lockbit also said and quote: "I don't understand why they're putting on this little show. They're clearly upset we continue to work."
Lockbit insists they will continue to work and will continue to "bring" new victims.
In roughly 36 hours the FBI, NCA UK, and EUROPOL hint at unveiling the identity of the leader(s) of Lockbit ransomware group and the identities of more ransomware affiliates.
Lockbit ransomware group states law enforcement is lying.
Lockbit also said and quote: "I don't understand why they're putting on this little show. They're clearly upset we continue to work."
Lockbit insists they will continue to work and will continue to "bring" new victims.
In roughly 36 hours the FBI, NCA UK, and EUROPOL hint at unveiling the identity of the leader(s) of Lockbit ransomware group and the identities of more ransomware affiliates.
π₯63π€£15π8β€4π2π’1
vx-underground
Today we spoke with Lockbit ransomware group administrative staff regarding the return of the old domain and new messages from FBI, NCA UK, and EURPOL. Lockbit ransomware group states law enforcement is lying. Lockbit also said and quote: "I don't understandβ¦
Will law enforcement actually unveil the leadership behind Lockbit ransomware group?
Will law enforcement indict more ransomware operators?
What has law enforcement secretly been doing?
What will the press release say?
Find out on the next episode of Dragon Ball Z
Will law enforcement indict more ransomware operators?
What has law enforcement secretly been doing?
What will the press release say?
Find out on the next episode of Dragon Ball Z
π€£143π15β€11π€―6π€4π«‘2