vx-underground
To continue using our e-mail we need to kindly send our password to our ... web administrator. Kindly
Unrelated to this phishing e-mail - we're still receiving e-mails from compromised government e-mails saying things like "smelly is stinky". It's been months since we publicly meme'd about that and it's still going on
In August we ingested over 1,000,000 malware samples. September our estimated malware ingestion figures will be closer to 18,000,000 samples.
By December we will likely pass 100,000,000 malware samples - making us the largest free public malware repo by a significant margin
We will gladly assist in distributing this large malware collection to researchers, universities, and (sigh..) cybersecurity companies.
We rely on your donations to survive. We'll go back to shitposting soon.
Cheers,
Skip this post if you don't feel like getting irritated and/or frustrated and/or angry.
July 18th, 2024 Columbus, Ohio was a victim of Rhysida ransomware group - a group believed to be related to the now 'forked' and defunct Conti ransomware group.
August 8th, 2024 Rhysida ransomware group began slowly releasing the 6TB of exfiltrated Columbus, Ohio government data onto their Tor domain. As time progressed, it was evident the city of Columbus, Ohio were unlikely to pay the $1,600,000 Rhysida ransomware group wanted.
Columbus Mayor Andrew Ginther stated to local media outlets that Rhysida has unsuccessfully exfiltrated data and they successfully stopped the attack. Subsequently, a cybersecurity researcher operating under the moniker 'Connor Goodwolf', refuted the mayor's statements - essentially acting as a whistleblower.
Connor Goodwolf spoke with Columbus, Ohio media outlets regarding the Rhysida ransomware group attack, proving Rhysida has not only successfully compromised the local government, but also exfiltrated sensitive information on residents of Columbus, Ohio. This information included social security numbers of police officers, people who are victims of domestic violence, etc.
Mayor Andrew Ginther decided to have the City of Columbus, Ohio sue Connor Goodwolf. Additionally, the city is seeking a restraining order against Goodwolf, making it a crime to disclose more information on the Rhysida breach, and requesting a permanent injunction against Connor Goodwolf. The lawsuit against Connor Goodwolf states Mr. Goodwolf places the community in danger stating he is spreading stolen data which is illegal. The lawsuit continues to say 'nobody' had access to the exfiltrated Rhysida ransomware group data because it was published in a manner where access was difficult to achieve.
tl;dr columbus ohio city attorney Zach Klein and mayor Andrew Ginther are idiots, so stupid it's embarrassing and painful to even read about
Xitter is now banned in Brazil due to X refusing to take action on content which Brazil deemed illegal.
Following the ban, Justice Alexandre de Moraes imposed a fine of R$50,000 (Approx. $9,000) per day for any person accessing Xitter illegally (such as using a VPN).
We've changed our mind.
We will no longer be keeping all the malware junk we ingest. We will trim the fat and keep only quality malware. Instead of 18,000,000 samples a month, we'll likely bring in approx. 3,000,000 a month.
This breaks our hearts, but it's too much junk :(
History has taught us time and time again it is often a very poor decision to piss off nerds.
When will governments learn they're angering the very people they rely on to make their technologies work?
Hello to the person who decided to name themselves 'gay4smellyvx' on Call of Duty.
Thank you for the meme submission, foilmanhacks
Good morning,
Our virus exchange website is going through a serious overhaul. Moving forward, all samples submitted will automatically upload to VirusTotal. The sample uploaded will subsequently be tagged and/or renamed using the VirusTotal 'Popular threat label' naming convention.
If in the event a popular threat label is not present, but it still holds a sufficiently high enough threat score, it will default to the Kaspersky naming convention.
All malware files will be retained - even junk file infectors like Padodor or Berbew. If the file is not malware we will delete it. We only want malware.
Additionally, each day our virus exchange will release a 'daily dump' 7z file. This will be every file submitted, named as stated previously, and synced to vx-underground to be available for bulk download.
An API is available for programmatic access to virus exchange. Some users have created unofficial wrappers in Python to ease API access to our malware database.
This is all free of charge. Anyone, anywhere, can access this resource and download as much as they'd like. However, we ask you consider donating to allow this to continue. Furthermore, if you're unhappy with the performance of the site, we advise larger companies to consider becoming monthly sponsors. A system at this scale, while remaining free of charge, is not easy.
We hope moving forward we can give back to individuals who submit and share samples with us by offering rewards to valued contributors... but that's a conversation at a later date and later time.
Thanks,
- smelly
As a side note, because others have asked, we have no intention of implementing malware configuration extractors, gathering C2 information, etc. That is something more along the lines of Triage. That is much more exhaustive work.
https://tria.ge
"why doesn't vxug prompt for cookies"
the only cookies present are for maintaining your session on vxug or vxdb. we don't track you, we don't collect data, we don't do ads, blah blah blah. it's just malware ok download it
We've updated the vx-underground Windows malware paper collection. We have a lot more papers in queue.
Read them.
Papers:
- 2024-08-31 - Finding open file handles in PS
- 2024-08-30 - Evil MSI A story about vulnerabilities in MSI Files
- 2024-08-26 - DLL Sideloading with LicenseDiag.exe
- 2024-08-19 - DRMBIN - Prevent binaries from running on other machines
- 2024-08-15 - Offline SAM Editing
- 2024-08-14 - Tricks with Microsoft Word and Sandboxes
- 2024-08-13 - Abusing AVEDR Exclusions to Evade Detections
- 2024-06-09 - Bypassing EDR NTDSdit protection using BlueTeam tools