Today journalist Brian Krebs released an article about the recent (sort of) compromise of National Public Data. Previously, National Public Data was (sort of) compromised which resulted in the theft of billions of records on individuals residing in the United States.
The drama update:
National Public Data owns a sub-company named RecordsCheck dot net. A customer of RecordsCheck dot net (later unveiled to be a law enforcement officer) was a victim of Information Stealer malware (e.g. Redline, Formbook, Lumma, etc). The malware stole login credentials to RecordsCheck for the law enforcement officer which allowed Threat Actors access to RecordsCheck with essentially infinite credits for searches. The Threat Actor(s) then subsequently began dumping as much data as possible.
The Brian Krebs plot twist:
Brian Krebs discovered that previously RecordsCheck publicly exposed a file on their website titled: "members dot zip". This zip file contained the username and password for every customer on their platform (and supposedly other entities owned by National Public Data) in a plain text file. Krebs discovered that by default, each customer is assigned a 6-character password. As a result of this accidental exposure, RecordsCheck instructed customers to change their default 6-character password. It turns out many DID NOT change their default assigned 6-character password.
More information on the file exposure, back story, discovery, etc. can be found in Brian Krebs's article here: https://krebsonsecurity.com/2024/08/national-public-data-published-its-own-passwords/
Thank you, Chris Hansen, for the kind words.
(we have no idea who paid Chris Hansen to do this)
imagine one day the vx-underground website is compromised and the threat actor tries to deliver malware from it but everyone gets happy because they're just there for the malware anyway
vx-underground
Good news: we have malware. Bad news: soon our malware collection will no longer be able to fit on an 8TB hard drive. Our entire malware collection 7z ultra compressed is 7.02TB. Papers is 139GB (59,807 papers).
Yes, I'm chillin' with 7TB of malware while running Windows. I like to play video games and I also like doing WINAPI coding. Yes, I could use a VM, but that's a lot of work. It's easier to just carefully not detonate 7TB of malware.
We have incredible news.
Yesterday we spoke with Bernardo Quintero, the Founder of VirusTotal. He granted us insane API access to clean our malware collection. Thanks to him, and the VirusTotal team, we can now guarantee we're sharing pure malware with all of you.
Thank you, VirusTotal
Hello,
We're aware individuals are having problems accessing some files on vx-underground. Rest assured our finest nerds are on the case.
(two are on Holiday, we're so far up shits creek we can see the shit ocean).
POV: Your grandson downloaded a Fortnite mod from a YouTube comment section and now you're being extorted for $999 (but you get 50% off if you pay in less than 72 hours)
This image was stolen from a Malwarebytes' post. This was the stock photo they used when discussing the National Public Data drama.
This guy looks so concerned
Some software is secretly malicious.
Administrative updates:
Bad news:
Following our migration we're still having problems with users receiving ACCESS_DENIED when attempting to view or download files
Good news:
We have 100+- papers in queue. We broke a personal record and ingested 450,000+ new malware samples.
Our advice to anyone who is trying to grow a project, or community, or whatever, is to be consistent.
Our first year we barely had 1,000 followers. We celebrated when we broke 100 followers because it was surreal thinking 100 people cared about this crappy little website.
Oh, and don't do it for clout. People can smell bullshit a mile away. Just be passionate about what you're doing and have fun. Everything else will follow.
On Tuesday, August 20th, 2024, the United States Department of Justice did a press release on the most intelligent person in world history.
Jesse Kipf, 29 of Somerset, Kentucky, USA, owed a total of $195,758.65 in child support. Jesse, being a true intellectual, decided the best decision was to compromise the United States Hawaii Death Registry System, using stolen credentials from a physician in a different state outside of Hawaii, and insert himself into the Death Registry. Additionally, he used his own name, Jesse Kipf, to assert his own death and certified his own death using the name Jesse Kipf.
tl;dr Jesse Kipf died, death was certified by the deceased Jesse Kipf and corpse of Jesse Kipf was verified by the deceased Jesse Kipf (recursive death certification and verification?)
The death certificate was signed by a different physician's stolen signature.
He was sentenced to 6 years and 7 months in prison for being a true intellectual.
More information: https://www.justice.gov/usao-edky/pr/pulaski-county-man-sentenced-cyber-intrusion-and-aggravated-identity-theft