"The best and most beautiful things in the world cannot be seen or even touched - they must be disassembled with IDA." -Helen Keller
ALPHV ransomware group has ransomed Lehigh Valley Health Network, a healthcare network based out of Pennsylvania.
ALPHV has issued threats to the healthcare organization and has begun leaking photographs of topless female breast cancer patients
Our friend guessthepw developed us a custom malware database which will automatically sync data with VirusTotal and hatching_io
- Free to the public
- Will contain every vx-underground malware sample
- Will allow users to upload and share samples
- All thanks to our supporters
We do not know when the new site will go live. Improvements still need to be made, including beautification. This is all done in the spare time of guessthepw and vx-underground staff.
This will be a large achievement for us.
Make malware free, forever.
Today EUROPOL announced the arrest of two suspected DoppelPaymer ransomware members. The individuals were arrested February 28th, 2023. The individuals resided in different countries - 1 in Germany, the other in Ukraine.
More information: https://www.europol.europa.eu/media-press/newsroom/news/germany-and-ukraine-hit-two-high-value-ransomware-targets
Europol
Germany and Ukraine hit two high-value ransomware targets - Forensic analysis of the seized equipment is still ongoing to determine…
This ransomware appeared in 2019, when cybercriminals started using it to launch attacks against organisations and critical infrastructure and industries. Based on the BitPaymer ransomware and part of the Dridex malware family, DoppelPaymer used a unique…
We have no intention of competing with VirusTotal.
vx-underground will remain a free-to-use library and malware exchange. We do not intend on scanning malware, sandboxing it, blah blah blah.
VirusTotal makes millions of dollars a year. vx-underground makes about tree-fiddy.
Escape from Tarkov developers have begun naming and shaming people caught cheating - they release publicly available Google Docs spreadsheets listing the usernames of banned players.
Please note the number of people with "TTV" in their name.
Example: https://docs.google.com/spreadsheets/d/e/2PACX-1vRutocKkK3nk91ORmArC4_sOWGFpipL1hNPYytEpdQ-70WkQnVQJlxMmULIaViqpm31J_I0_pIBVTlN/pubhtml?gid=0&single=true
Emotet has returned
Follow Cryptolaemus1 on Twitter for alerts and updates
Information on Epoch4: https://tria.ge/230307-phtffshc7w
Previously Minneapolis Public Schools reported an 'encryption event'. Today Medusa ransomware group has taken credit for the attack.
Information and updates via BrettCallow
Medusa ransomware group has released a 51-minute long (474MB) video demonstrating the contents stolen from Minneapolis public schools.
It contains e-mails, student grades, building layouts, payroll information, and more.
The video also plays the Matrix soundtrack on loop
This is the introduction scene from the Medusa ransomware group video.
Blackhats be like "Oh, you're not a Fed? Prove it. Kill an innocent bystander in broad daylight. A Fed would never commit homicide in broad daylight."
We've updated the vx-underground malware sample collection. We've added 54,258 samples.
Special thanks to petikvx
Check it out here: https://www.vx-underground.org/malware.html
Methodist Family Health, a non-profit Arkansas-based child healthcare facility, has been ransomed by Avos ransomware group.
Methodist Family Health provides psychiatric assistance to children who have been abandoned, abused, or neglected.
We have never seen a ransomware group target a non-profit child healthcare facility - especially one which deals with children who are victims of abuse.
This beat and video was produced by some random guy vx-underground encountered online on Telegram. The beat slaps.
https://www.youtube.com/watch?v=1xpd5c-uPAs
March 6th: EUROPOL announced the arrest of 2 individuals tied to DoppelPaymer ransomware group. German authorities state the March 6th arrests were related to a ransomware attack which resulted in the death of a patient September 18th, 2020 at Düsseldorf Hospital.