There have been multiple instances now where we end up speaking with Chief Executive Officers at large, well-known cyber security companies.
Ultimately during the course of our conversation we end up responding with kitty kat pictures.
Each time they're confused.
Imagine being the big-boss of some place and unironically having to deal with our dumbasses because we're the only morons willing to collect malware material at this scale.
The CEO of Telegram was arrested in France at 8PM (approx. 3 hours ago as of this writing).
It is alleged he was arrested for lack of moderation on Telegram and not complying with Law Enforcement agencies.
https://www.tf1info.fr/justice-faits-divers/info-tf1-lci-le-fondateur-et-pdg-de-la-messagerie-cryptee-telegram-interpelle-en-france-2316072.html
TF1 INFO
INFO TF1-LCI - The founder and CEO of the Telegram messaging service arrested in France | TF1 Info
[VIDEO] According to our information, the founder and CEO of the secure messaging service Telegram was arrested this Saturday evening at Le Bourget airport. Pavel Durov, a 39-year-old Franco-Russian, was accompanied by his bodyguard and a woman. - INFO TF1-LCI - The…
Administrative updates:
- Daily malware ingestion average is 400,000
- Infrastructure difficulties with our VXDB; migrating is illegal and for nerds
- Paper additions temporarily suspended
- SosMula of City Morgue agreed to give us his autograph
Have a nice day
Helping us helps students and academics across the planet with cybersecurity research and education.
Universities that use vx-underground (in some capacity):
- University of Science and Technology of China
- East Carolina University
- The University of Oklahoma
- Gazi University
- University of Maryland, Baltimore County
- Dokuz Eylül University
- Ain Shams University
- Autonomous University of Nuevo León
- Central Connecticut State University
- Louisiana State University
- Georgia Institute of Technology
- University of Alabama in Huntsville
- Iowa State University
- Columbia University
- Rochester Institute of Technology
- University of North Carolina
- Liberty University of Virginia
- Full Sail University
- Jordan University of Science and Technology
- Deakin University
- George Mason University
- Instituto Tecnologico de Las Americas
- Gadjah Mada University
- Arizona State University
Regarding Pavel Durov, the apprehension of the CEO of Telegram:
tl;dr is he responsible for the crazy stuff people do?
There is a difference between freedom of speech and freedom of consequences. Indeed, Mr. Durov provides a platform used by journalists and individuals communicating under tyranny. However, because Mr. Durov is the CEO of a large communications platform, his organization is subject to different territories' judicial rulings. Virtually every single country on the planet has regulations in place which define the responsibilities of the entity (i.e. organization) and the roles it must introduce to prohibit illegal behavior. Some countries are more restrictive, others are more lax.
It is really no surprise that France (and surely other countries beyond France) believes Mr. Durov must be held responsible for the behavior of its end users. This is not a debate about 'free speech', as it falls within the scope of liability for end user behavior.
Example: we are aware Wagner Group openly recruits people on Telegram. Should Wagner Group be allowed on Telegram? Many countries despise this group, whereas other countries like this group and praise their actions (we are sure our western colleagues may find that shocking). If they are allowed to use Telegram, to what end can they operate? Is Mr. Durov responsible for their actions which violate laws in different regions? This is not a rhetorical question. Each country, people from different geographical locations, philosophical beliefs, religions, and personal experiences will answer this question differently.
Moreover, some people have condemned Telegram for being a drug market; this is nothing new to social media platforms. It is commonplace on many social media platforms, such as Facebook and Instagram, to find people advertising drug sales. The primary difference is Telegram is less likely to cooperate with western governments and Telegram does not fall within the reach of western governments. Meta (e.g. Facebook, Instagram) cooperates with law enforcement on both a local and federal level for nearly every single country on the planet.
We have no comment on the debate on E2E encryption. We use Signal. We'll let someone privy to privacy stuff take that lead.
This is just our pseudo-educated (still ignorant) comment on a very complex problem which will continue to plague companies as things become more global.
> make post about tg guy
> leave pc
> return
> people screaming fed, saying they're unfollowing
You don't need to inform us you're unfollowing; you're free to unfollow, complain to your Mom, and yell at the gas station clerk about our comment.
Have a nice day.
Telegram is cool and badass
It's recursive (Telegram is cool and badass)
Thank you to our friend ddd1ms for the NAS hardware donation.
We are no longer storing the vx-underground archives on an old creaky external hard drive.
We now have 48TB of RAID storage, or something, something fancy. It's really cool. Thank you so much.
The potatoes are there because the NAS heats them up, then the mini-fan on the floor distributes a nice potato smell throughout the office.
Hello,
Please do not lie on your resume and claim to be 'employed' at vx-underground. It is very awkward when we have to inform your potential employer that you're lying.
Also, it's weird, don't be a booger.
Thanks,
We've updated the vx-underground Malware Ingestion feed. All ingested malware samples from May, June, and July are now present and available for bulk download.
*All samples named appropriately via VirusTotal API.
May, 2024:
- 90.3GB (compressed)
- 358,067 malware samples
June, 2024:
- 118.3GB (compressed)
- 354,248 malware samples
July, 2024:
- 103.4GB (compressed)
- 379,219 malware samples
August, 2024 (1st - 16th):
- 416GB (uncompressed)
- 668,422 malware samples
You nerds better be pullin' this stuff >:(
Check it out here: https://vx-underground.org/Samples/MalwareIngestion
Vx Underground
The largest collection of malware source code, samples, and papers on the internet.
Dear large enterprise companies using our website,
Contact your boss, or your boss's boss, and tell them to give us some of their large enterprise company money. We offer everything for free; if you're going to profit off our work, at least throw us a few bucks.
Thanks,
inb4 gives us $50 and a free t-shirt when they've prolly made $20,000,000 from our malware samples
Most prolific serial killers in American history:
10. David Berkowitz
9. Samuel Little
8. Aileen Wuornos
7. Gary Ridgway
6. Jeffrey Dahmer
5. Richard Ramirez
4. Dennis Rader
3. John Wayne Gacy
2. Ted Bundy
1. Boeing
Updates:
Families:
- AgentTesla
- AsyncRAT
- CryptBot
- DarkComet
- DCRat
- FormBook
- GuLoader
- Latrodectus
- LummaStealer
- Mirai
- OxyPumper
- RedLine
- Remcos
- RevengeRAT
- SnakeKeylogger
- STRRAT
- TrickBot
- XMRig
- XWorm
- ZharkRAT
Papers:
- 2012-10-02 - Blackhole Exploit Kit: Rise and Evolution.pdf
- 2015-09-15 - In Pursuit of Optical Fibers and Troop Intel: Targeted Attack Distributes PlugX in Russia.pdf
- 2015-09-24 - Meet GreenDispenser: A New Breed of ATM Malware.pdf
- 2021-12-22 - Establishing the TigerRAT and TigerDownloader Malware Families.pdf
- 2022-04-27 - BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX.pdf
- 2022-08-22 - Ocean Lotus APT Group.pdf
- 2022-10-12 - TOAD attacks: Vishing combined with Android banking malware now targeting Italian banks.pdf
- 2023-04-14 - SHATTEREDGLASS Server Emulator.pdf
- 2023-07-03 - Chinese Threat Actors Targeting Europe in SmugX Campaign.pdf
- 2023-07-29 - Unknown powershell backdoor with ties to new Zloader.pdf
- 2023-09-14 - Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets.pdf
- 2023-12-11 - Mustang Panda's PlugX new variant targetting Taiwanese government and diplomats.pdf
- 2024-01-24 - The Endless Struggle Against APT10- Insights from LODEINFO v0.6.6 - v0.7.3 Analysis.pdf
- 2024-03-04 - On-Device Fraud on the rise: exposing a recent Copybara fraud campaign.pdf
- 2024-03-22 - APT29 Uses WINELOADER to Target German Political Parties.pdf
- 2024-03-22 - Large-Scale StrelaStealer Campaign in Early 2024.pdf
- 2024-03-24 - Analysis of DEV#POPPER: New Attack Campaign Targeting Software Developers Likely Associated With North Korean Threat Actors.pdf
- 2024-04-02 - Updated StrelaStealer Targeting European Countries.pdf
- 2024-04-19 - Gold Pickaxe iOS Technical Analysis- IPA Overview and C2 Communication Start up.pdf
- 2024-04-27 - Finding Malware: Detecting SOGU with Google Security Operations.pdf
- 2024-06-09 - New Threat: A Deep Dive Into the Zergeca Botnet.pdf
- 2024-06-24 - StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe.pdf
- 2024-07-05 - CLEARFAKE Update Tricks Victim into Executing Malicious PowerShell Code.pdf
- 2024-07-09 - Italian government agencies and companies in the target of a Chinese APT.pdf
- 2024-07-10 - DodgeBox: A deep dive into the updated arsenal of APT41 - Part 1.pdf
- 2024-07-11 - Brief technical analysis of the 'Poseidon Stealer' malware.pdf
- 2024-07-11 - ClickFix Deception: A Social Engineering Tactic to Deploy Malware.pdf
- 2024-07-11 - CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools.pdf
- 2024-07-11 - MoonWalk: A deep dive into the updated arsenal of APT41 - Part 2.pdf
- 2024-07-14 - Fake AWS Packages Ship Command and Control Malware In JPEG Files.pdf
- 2024-07-14 - Malware Analysis: Rhadamanthys.pdf
- 2024-07-15 - CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks.pdf
- 2024-07-16 - MirrorFace Attack against Japanese Organisations.pdf
- 2024-07-16 - NullBulge: Threat Actor Masquerades as Hacktivist Group Rebelling Against AI.pdf
- 2024-07-17 - The Return of Ghost Emperor's Demodex.pdf
- 2024-07-18 - Emerging IoT Wiper Malware: Kaden and New LOLFME Botnet Variants.pdf
- 2024-07-23 - A Simple Approach to Discovering Oyster Backdoor Infrastructure.pdf
- 2024-07-24 - APT45: North Korea's Digital Military Machine.pdf
- 2024-07-24 - Malware Campaign Lures Users With Fake W2 Form.pdf
- 2024-07-24 - Rhysida using Oyster Backdoor to deliver ransomware.pdf
- 2024-07-24 - UAC-0063 Attack Detection: Hackers Target Ukrainian Research Institutions Using HATVIBE, CHERRYSPY, and CVE-2024-23692.pdf
- 2024-07-25 - Growing Number of Threats Leveraging AI.pdf
- 2024-07-28 - CyberGate Technical Analysis.pdf
- 2024-07-30 - Too big to care: Our disappointment with Cloudflare's anti-abuse posture.pdf
- 2024-07-31 - Research Update: Threat Actors Behind the DEV#POPPER Campaign Have Retooled and are Continuing to Target Software Developers via Social Engineering.pdf
- 2024-08-01