vx-underground
47.6K subscribers
4.11K photos
438 videos
84 files
1.49K links
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
The United States Marshals Service (USMS) has been ransomed. The USMS is responsible for apprehension of wanted fugitives.

The systems ransomed contained information on legal processes, administrative information, and PII on subjects being investigated

https://www.cnn.com/2023/02/27/politics/us-marshals-service-ransomeware-attack
We stumbled across a giant bag of VPN trials. What do we do with them?
Since the beginning of the Russia-Ukraine conflict 23 Russian Oligarchs and Military Elite have fallen out of Windows.

Marina Yankina, a high-ranking official in Russia's Defence Ministry, was found dead on the sidewalk in St. Petersburg.

Windows are incredibly dangerous.
The LastPass drama is wild.

- LastPass breached in 2022, old news.
- LastPass admits a DevOps employee's machine was compromised and Threat Actors took the company corporate vault
- LastPass makes support bulletins more difficult to find, removed from search engines with 'noindex'
Motherhood is the human body biologically assembling code and then deploying to prod several months later
Today the Russian Federation made an amendment to "Federal Law No. 149-FZ - On information, information technologies and information protection".

Russia now prohibits the usage of "information exchange systems" owned by foreign entities.

See attached image for list of bans.
What's coming up?
- Updates to the Malware Defense paper collection
- Updates to the VX-API
- Updates to the Malware Source Code repository
- Updates to the "The Old New Thing" collection
- Updates to the Malware Sample collection
- Book release: Black Mass Vol. 2 (April)
vx-underground is actively seeking papers on Remote Scrotum Detonation attacks
Our friend SPTHvx, the legendary virus writer, has returned from a 10 year hiatus. On his return he has produced a proof-of-concept demonstrating the encoding, decoding, and mutation of virus code using ChatGPT in a natural language.

Check it out here: https://www.vx-underground.org/other.html#code_mutation
We've made some updates to vx-underground.

1. We've updated the malware defense collection. We've added 92 new malware analysis papers.

2. We've updated the Archive section. We've archived Singularity OS, Microsoft's open-source OS written in C#

Have a nice day.
πŸ‘3❀1
It appears vx-underground will pass 200,000 Twitter followers in June, 2023. At 200,000 followers this will unlock new functionality for vx-underground

1. Ability to cancel people on Twitter
2. We can cut in line at airports and restrooms
3. Unlocked "Don't you know who I am?"
πŸ‘50❀11😁9🀯5πŸ‘4πŸ’―1
We've updated the VX-API

- CreateProcessFromINFSectionInstallStringNoCab
- CreateProcessFromINFSetupCommand
- AmsiBypassViaPatternScan

Shellcode execution by abusing: SymEnumProcesses, ImageGetDigestStream, VerifierEnumerateResource, SymEnumSourceFiles

https://github.com/vxunderground/VX-API
We've updated "The Old New Thing" collection. We've archived the month of February, 2023.

Special thanks to _BradleyVX for curating the papers.

Check it out here: https://www.vx-underground.org/the_old_new_thing.html#the_old_new_thing_-_2023_02
πŸ‘3❀2
Seeing Shell32.dll export a function titled "PathYetAnotherMakeUniqueName" makes us question the psychological well-being of Microsoft developers
"The best and most beautiful things in the world cannot be seen or even touched — they must be disassembled with IDA." -Helen Keller
ALPHV ransomware group has ransomed Lehigh Valley Health Network, a healthcare network based out of Pennsylvania.

ALPHV has issued threats to the healthcare organization and has begun leaking photographs of topless female breast cancer patients
ALPHV states in their message to Lehigh Valley Health Network that the photos of the cancer patients are nudes, suggesting they're pornographic (?).

ALPHV is exploiting and sexualizing breast cancer.
Our friend guessthepw developed us a custom malware database which will automatically sync data with VirusTotal and hatching_io
- Free to the public
- Will contain every vx-underground malware sample
- Will allow users to upload and share samples
- All thanks to our supporters

We do not know when the new site will go live. Improvements still need to be made, including beautification. This is all done in the spare time of guessthepw and vx-underground staff.

This will be a large achievement for us.

Make malware free, forever.