vx-underground
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
vx-underground
January 13th the Ukrainian authorities arrested a 36 year old man and his wife. The couple were leaders of a small ransomware group operating out of Kyiv. Families who ransom together, stay together🥰 Information via @realhackhistory More information: h…
(or piss off NATO: Ukrainian authorities received a tip from United States intelligence and United Kingdom intelligence regarding the couple).
Windows 11 now lets you create unsigned MSIX packages for "testing". You can install your "legitimate" "application" for "testing" without needing to sign it. Microsoft states this was developed to make "testing" easier.

More information: msft.it/6012e7gKi
This week malware threat hunters have reported:

- AgentTesla exfiltrating data using Discord webhooks
- Ursnif using malicious .one files
- Increased usage of Rhadamanthys stealer
- Large increase in malvertising campaigns on Google
We've uploaded an additional 160,000 unique malware samples to vx-underground. They are volumes 0047 - 0054 of the InTheWild collection.

Thanks to @petikvx for all the hard work.

Check it out here: https://samples.vx-underground.org/samples/Blocks/
We've updated the vx-underground Malware Analysis collection. We've added 109 new malware analysis papers from 2013, 2014, 2018, 2019, 2021, 2022, and 2023.

tl;dr lots of new stuff.

Check it out here: https://www.vx-underground.org/malware_defense.html#malware_analysis_2023
Image courtesy of bellafusari1
1. According to Lockbit ransomware group, they announced on various forums Lockbit Green is based off of the Conti source code leak

2. It appears that Lockbit monitors Twitter
Our magnum opus is approaching an ideal state.

- New staff member on-boarded
- 75% of all papers have an assigned date of release
- New papers coming!
- Est. 50,000+ new malware samples received DAILY

Thanks to donors and public support we are accomplishing amazing things
You nerds have no idea what's coming, but it wouldn't be possible without the support we have received from all of you.

We are about to do something we've wanted to do forever, but were unable to ... until now:)

Stay tuned🥰
Nantucket public schools in Massachusetts, United States of America, are closed due to a ransomware attack.

Imagine being informed class is cancelled today because some nerds are extorting your school
POV your school's been hit by ransomware

Image via f0wlsec
Our RansomwareNews's bot will be discontinued on Twitter. We have no intention of paying Twitter for basic API usage.

tl;dr their anti-spam campaign stinks, it is going to kill some really cool Twitter accounts

More info: https://twitter.com/TwitterDev/status/1621026986784337922
We managed to get our hands on a Samjiyon Tablet from the Democratic People's Republic of Korea (DPRK) a.k.a. North Korea.

These are not sold to foreigners.
For those curious: North Korea used to sell these tablets. They stopped selling them to foreigners in approx. 2014. We were able to find a person who owned a mint-condition, never used, Samjiyon Tablet. We purchased it off of them.
Check the drip, dorks
The United States government is investigating a spy-balloon which has been in its airspace for several days. Senior defense officials at the Pentagon have stated with "very high confidence" it is Chinese

The United States Air Force has been deployed.

Unrelated to malware, of course. However, this plays into the geopolitical and espionage subject we typically explore with state sponsored activity.

More information: https://apnews.com/article/chinese-surveillance-balloon-united-states-montana-47248b0ef2b085620fcd866c105054be
Good morning Telegram
Good morning NSA
Good morning Chinese spy balloon
We need a volunteer - a volunteer full-stack developer who is motivated and has sufficient time to assist us.

We do not have much money. We have the budget of 1 slice of pizza. We also have pseudo-Twitter clout and some crappy clothes.