vx-underground
47.7K subscribers
4.14K photos
441 videos
84 files
1.49K links
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
The Simland Telegram channel was banned on Telegram — although a new one has already been created.

Following the arrest of Pavel Durov in France, Telegram users are reporting a significant increase in Telegram taking action on crime-related channels.
Through a series of unfortunate events, additions to vx-underground are going to be dead in the water.

We've got 99 problems and they're all things not on the internet. Our AFK-ness could extend for a week, maybe 2.

We'll just shit post when we have the time.

Thanks,
πŸ‘122😒67🫑37❀33🀣7😱6πŸ™6πŸ€“3🀝3πŸŽ‰2🀯1
vx-underground
Through a series of unfortunate events, additions to vx-underground are going to be dead in the water. We've got 99 problems and they're all things not on the internet. Our AFK-ness could extend for a week, maybe 2. We'll just shit post when we have the…
We're not shutting down.

We're just going to be AFK so additions are suspended for a little bit.

We got a few DMs from people acting like the world is ending (it's not)
The Russian Federation has fined Google $20,000,000,000,000,000,000,000,000,000,000,000.

To point that into perspective: yo momma
antiviruses are malware that target malware
the internet is a bunch of children surfing on computer keyboards several hundred kilometers in orbit
wtf just found lumma stealer in candy
please do not feed the NFT influencers
πŸ‘76😁36πŸ”₯10🀣10❀6πŸ₯°2πŸ‘2πŸ€”2😒2πŸ’―1🫑1
October 30th Okta disclosed a vulnerability whereas individuals could bypass AD/LDAP Delegated Authentication by providing a username greater than 52 characters.

It required a cached previously successful login attempt.

tl;dr employees with long last names are a security threat
Hispanic users with 30 last names (all hyphenated) && Eastern European users with ski and/or vich and/or ska in their name
Only a few more days of misinformation campaigns in the United States (it'll be back shortly after)
πŸ‘62😁18πŸ’―9🀣6πŸ€“4πŸ₯°2😒2πŸ‘1πŸŽ‰1🀝1
Interesting things that happened lately:

October 31st: safe0x17 released RustVEHSyscalls, a Rust port for LayeredSyscalls — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH

October 30th: FeribHellscream released a paper on forming a shell company and attempting to purchase an EV code sign cert (it's not fun)

October 29th: 404mediaco received a leaked document from the largest New York hospital system — the document encourages physicians to use Artificial Intelligence to summarize clinical evaluations, diagnose medical issues, and parse health records

October 29th: BratvaCorp noted based on the recent United States Department of Justice indictment of Redline information stealer developers — the authors of Redline connected to their platform from their home IP addresses and linked assets to their personal iCloud accounts.

October 27th: MalDevAcademy released a proof-of-concept code illustration of extracting an encrypted and embedded PE file from a PNG file and executing it via a LNK file.

October 23rd: SttyK released a talk on how he discovered North Korean state-sponsored spies on Discord.

October 22nd: 0gtweet released a paper on how to read BitLocker numerical passwords via the Windows API.

October 22nd: mez0 via TrustedSec released a paper on malware development via the Groovy programming language and its usage in network enumeration.

October 19th: Hexacorn discovered a new malware persistence technique by abusing the UserInstStubWrapper API in advpacker.dll and IEAdvpacker.dll

October 18th: Hexacorn notes the discovery of the 'ClickedOnRAT' Windows API function from Windows XP. It's not related to malware; the API name is silly and misleading.

October 18th: Hexacorn unveiled a prankware technique by abusing NdfRunDllDuplicateIPDefendingSystem and NdfRunDllDuplicateIPOffendingSystem
These will all eventually be added to the website. We don't have the time at the moment to download them, clean them up, and upload them for archive — but if you're interested you can look for yourself.

Cheers
Wikipedia has named a page after us
A few years ago there was a woman on Twitter who constantly talked about how much she loved her job, her career field, her co-workers, etc. She semi-frequently mentioned her education at a prestigious university (and also made sure to mention it in her Twitter bio).

She was interesting.

What was especially interesting was the fact everything she said was a lie. One of our members was employed at the place she claimed to have worked. No one at this place of work knew her — her entire personality, profile, biography, and posts were a lie. Nothing about it was true. We couldn't verify if the woman in the images was a real person.

One day her profile suddenly disappeared off social media.

We still talk about it sometimes. Who the hell was that person? ¯\_(ツ)_/¯
It was very strange.

Once we learned it was an entirely fake persona we watched the profile every day. We watched the profile interact with the public and "influencers". We were always like
Schneider Electric after being hit by ransomware for the third time

Jun 28, 2023 — cl0p ransomware
Feb 20, 2024 — Cactus ransomware
November 4, 2024 — Hellcat ransomware
Seriously, what the hell is going on over there? Are the employees just clicking every link in every email and just setting all passwords to 'password'?
Hello, how are you?

We've still got a bunch of papers to add. We don't have the time (yet) to get to that stuff, but we managed to (finally) sync all of our malware stuff to our backups and prod. After removing duplicate files and syncing our entire collection with VirusTotal (scanning to ensure it's probably malicious) we've come to the conclusion we have a little over 33,000,000 unique malwares.

Very cool.

In other news, we'd like to thank the people who continue to send us photos of their animals (or random pictures of animals they found), they're very cool.

In other other news, running vx-underground is beginning to become more challenging due to changes in our lives. Core administration is mid-30s — we've got families, responsibilities, and as we've aged over the past 5.5 years, a lot of things have changed in our lives. We've got a commitment to vx-underground for another 5 years, but following those 5 years vx-underground may no longer exist. We may decide to throw in the metaphorical towel and hope someone, somewhere else, decides to carry on our collection.

Or not, whatever. We'll see what happens. Life changes and crazy & cool things happen.

- smelly

Families:
- Android.AwSpy
- CerberRansomware
- LatentBot
- MacOS.KeRanger
- MacOS.WireLurker
- PetyaRansomware
- RockLoader
- SamsamRansomware
- TeslaCrypt
- Thanatos

Bulk downloads:
- Malware.2024.10.19
- Malware.2024.10.20
- Malware.2024.10.21
- Malware.2024.10.22
- Malware.2024.10.23
- Malware.2024.10.24
- Malware.2024.10.25
- Malware.2024.10.26
- Malware.2024.10.27
- Malware.2024.10.28
- Malware.2024.10.29
- Malware.2024.10.30
- Malware.2024.10.31
- Malware.2024.11.01
- Malware.2024.11.02
- Malware.2024.11.03
- Malware.2024.11.04
- Bazaar.2024.10
- Virussign.2024.10.26
- Virussign.2024.10.27
- Virussign.2024.10.28
- Virussign.2024.10.29
- Virussign.2024.10.30
- Virussign.2024.10.31
- Virussign.2024.11.01
- Virussign.2024.11.02
- Virussign.2024.11.03
- Virussign.2024.11.04
- VirusShare.00487