Today 404mediaco reported the individual believed to be responsible for the Snowflake breach (including but not limited to: Ticketmaster, Santander Bank, Anheuser-Busch, Allstate, Advance Auto Parts, Mitsubishi, Neiman Marcus, Progressive, AT&T, and State Farm) had a hearing today regarding their extradition to the United States from Canada.
We can't recall a time a suspected cyber criminal was given the VIP treatment for extradition. Them having a hearing on extradition in just a few days following their apprehension is lightning fast — shockingly fast, like, unimaginably fast.
404media had access to the judicial hearing and listened in via Zoom.
The extradition hearing was so fast, the suspect Alexander ‘Connor’ Moucka a/k/a Waifu a/k/a Judische a/k/a UNC5537, reportedly hadn't been able to secure a lawyer yet to defend themselves in the hearing...
We're going to go out on a limb and guess that compromising such large companies has angered people with deep pockets, people who are capable of making the Federal Bureau of Investigation put the metaphorical foot on the metaphorical gas.
¯\_(ツ)_/¯
The United States electoral map once we cast our votes
We got called fascists today for making a meme about the electoral vote (???)
Plot twist: half of us aren't even america, haha nerds
Congratulations to all Ameriburgers — your Presidential election is near conclusion.
We've heard 'too close to call' over 9,000 times. We assume this is related to pizza deliveries. Indeed, it is best to walk.
Nooooooooooooooooooooo
https://www.bleepingcomputer.com/news/microsoft/microsoft-notepad-to-get-ai-powered-rewriting-tool-on-windows-11/
BleepingComputer
Microsoft Notepad to get AI-powered rewriting tool on Windows 11
Microsoft has started testing AI-powered Notepad text rewriting and Paint image generation tools four decades after the two programs were released in the 1980s.
vx-underground
Lockbit ransomware group has offered their support to Donald J. Trump. They're even dedicating Lockbit 4.0 to his administration. Very cool
To make this as clear as possible: No, the Trump administration is not involved in Russian-based cybercrime. Rather, Lockbit ransomware group administration is declaring their support and/or admiration for Donald J. Trump
"you guys should use your malware code to train an AI model for malware development"
My Brother in Christ, we don't even have the energy to copy-paste PDF files into an S3 bucket. You seriously think we're going to allocate our -1 time & energy to do AI crap?
You can't just slap an AI sticker onto everything and call it cool and badass. We don't need (or want) AI for malware stuff.
Gootloader has changed their malware delivery techniques. Historically Gootloader has relied on SEO poisoning. Now Gootloader is creating fake PDF conversion websites.
pdf-online-tools(dot)com
We use sites like this when we're lazy. We're cooked.
https://gootloader.wordpress.com/2024/11/07/gootloaders-pivot-from-seo-poisoning-pdf-converters-become-the-new-infection-vector/
⌛☃❀✵Gootloader Details ✵❀☃⌛
Gootloader’s Pivot from SEO Poisoning: PDF Converters Become the New Infection Vector
Three weeks ago, Gootloader samples suddenly dried up. This has happened before, so I switched VPNs and tried new locations—coffee shops, friends’, and family’s Wi-Fi networks—but still couldn’t re…
Also, this is a pretty clever idea. If the conversion works and they successfully slipstream a malware payload into it, that is a pretty substantial improvement — pretty stealthy.
+2 internet points to Gootloader
vx-underground
> get call at 10pm
> weird long number
> answer
> people speaking Mandarin
> ???
> they say theyre from alibaba
> ask how vx-underground is going
> tell them its 10pm
> "is that a problem?"
> tell them we stopped using alibaba
> "is that a problem?"
> mfw
god damn chinese ministry of state security callin us at 10pm. bro, just scrape the site or something idk ok its bed time
vx-underground
COVID19 2: Electric Boogaloo
Sometimes people complain when we stray away from malware related topics.
*ahem*
The monkeys were released via ICS malware which opened the gates for the monkeys, or something, whatever. Make up some shitty anime plot and insert malware.
Hello, how are you?
tl;dr tg channels deleted, dat sux. were back but malware collecting is hard. american politics is crazy
1. We've received some reports today that some hacker-cybersecurity-leak-??? Telegram channels have been hit by a Telegram orbital nuke. Club1337 and data1eaks are gone. If in the event the vx-underground Telegram channel is deleted, for whatever reason, it will be business-as-usual on Xitter. I don't intend to go back-n-forth fighting with Telegram... If the vx-underground Telegram is nuked maybe we'll try some other platform, I don't know, whatever.
2. In other news, we're hoping to resume some more uploads — papers, archives, etc. Doing the daily malware ingestion stuff is A LOT of work for our small roster with limited resources. It takes a lot of time and resources (mostly time). We want to do more cool stuff, but doing cool stuff takes time, energy, money, and cool music. We're running low on time and cool music. Feel free to recommend us some cool music.
3. In interesting news, following the 2024 United States Presidential Election our merch store sales went from an average of 5 - 10 sales a week, to literally zero. It appears our primary audience of westerners are more interested in United States politics than dumb t-shirts from a crappy website. This isn't a complaint — it's an interesting observation.
Thanks,
- smelly smellington