We've updated the vx-underground leaked source code collection: Win32.HVNCBot
HVNC, Hidden VNC, is a bot used for surveillance on remote machines.
You can check out the source code here: https://github.com/vxunderground/MalwareSourceCode
* Unknown version number, noted release date of 2021
We've made updates to the vx-underground "Malware Builders and Tools" collection:
- Collector Builder
- CosaNostra Builder
- AbStealer Builder + Panel
- MarsStealer Builder + Panel
https://vx-underground.org/archive
We're currently pushing approx. 300,000 malware samples a day. Our goal is to have over 26,000,000 unique malware samples by early 2022.
We've made updates to the vx-underground "Malware Builders and Tools" collection:
- NjRat Builder + Panel
https://vx-underground.org
Monday, October 18th, 2021 a Turkish individual leaked source code to Cerberus Android Banking Trojan. This appears to be a variant of a previously leaked version we possess.
You can download Android.Cerberus.d here: https://github.com/vxunderground/MalwareSourceCode/tree/main/Leaks/Android
Additions to the VXUG papers collection:
- SmashEx: Smashing SGX Enclaves Using Exceptions by Jinhua Cui, Jason Yu, Shweta Shinde, Prateek Saxena, Zhiping Cai
- Analyzing ransomware negotiations with CONTI: An in-depth analysis by DIFR Research Group
https://vx-underground.org/papers
Groove ransomware group asks ransomware operators to unite to attack the United States. Groove asks operators to stop attacking Chinese organizations and warns of a possible race war in the United States.
Image 1: EN
Image 2: RU
Conti ransomware group has put out a statement regarding the recent REvil activities. We have archived it and placed it on Pastebin.
Title: Announcement. ReviLives.
Subject: Own opinion.
You can read it here: https://pastebin.com/kMQAbcFa
Espector.7z
101.6 KB
I will share something on Telegram before it goes live on vx-underground. Here are samples to APT Espector, a Chinese UEFI Bootkit and FiveSYS, a Microsoft signed Windows Rootkit. :) Have a good weekend:)
-smelly
Updates to the vx-underground APT collection:
- FiveSYS, Microsoft signed Rootkit
- TinyVNC from Kimsuky Group
- APT Harvester campaign
and more...
Check it out here: https://vx-underground.org/apts
*Samples includes