Imagine if vx-underground made a LinkedIn profile. Imagine all the poor innocent normies we would scare by sharing information on the rampant cybercrime and posting pseudo satanic images
🥰48😁13❤8🤪5🤣4💯1
In the year 2023 you have both Whitehat and Blackhat training courses.
SANS Training Course: $4,000 - $9,000
Bassterlord (National Hazard Agency) Course: $10,000
*Bassterlord is a known Lockbit affiliate
SANS Training Course: $4,000 - $9,000
Bassterlord (National Hazard Agency) Course: $10,000
*Bassterlord is a known Lockbit affiliate
🤣45👍5❤4🫡3😁1
The reviews are nuts.
"This book helped me ransom a SpaceX contractor"
"This book helped me ransom a SpaceX contractor"
🤣53🫡8❤🔥2👍2😱2😁1🤔1
The recently released Binance court documents are absolutely insane
tl;dr acknowledge terrorists use it to launder money, openly forge reports, indifferent to cyber crime
You can read the full document here: https://downloads.coindesk.com/legal/cftc_v_binance.pdf
tl;dr acknowledge terrorists use it to launder money, openly forge reports, indifferent to cyber crime
You can read the full document here: https://downloads.coindesk.com/legal/cftc_v_binance.pdf
🤯27🔥8😱8🤪5❤3🥰2👍1🤣1
April 2023 will be a big month.
- New merch store managed by corg_e
- New malware database custom made via guessthepw
- Black Mass Vol 2. book will be released
- New merch store managed by corg_e
- New malware database custom made via guessthepw
- Black Mass Vol 2. book will be released
🔥21❤4
Earlier today CrowdStrike reported a supply chain attack targeting the 3CX Voice Over Internet Protocol (VOIP) Windows desktop client.
- 600,000 companies use it
- 12,000,000 users
- Sophos has identified a MacOS variant infected
- Currently attributed to Lazarus Group
- 600,000 companies use it
- 12,000,000 users
- Sophos has identified a MacOS variant infected
- Currently attributed to Lazarus Group
🤯16❤4👍4🤔3🫡3🥰1
Prior to CrowdStrike's report - customers went to the 3CX forums expressing concerns that EDRs were reporting suspicious activity. EDRs from CrowdStrike, ESET, PaloAltoNtwks, and SentinelOne flagged the binary. 3CX said they were wrong.
Images via malwrhunterteam
Images via malwrhunterteam
🤣20🤔5👍2🤪2❤1
SentinelOne has released an in-depth analysis of the malware and payload, they have dubbed it 'SmoothOperator'. The final payload exfiltrates data from web browsers Chrome, Edge, Brave, and Firefox.
tl;dr largest data theft in history?
https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/
tl;dr largest data theft in history?
https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/
SentinelOne
3CX SmoothOperator | 3CXDesktopApp in Supply Chain Attack
Explore the intricacies of 3CX Smooth Operator. Learn about the multi-stage attack chain and infostealer malware delivery at scale.
🤯20🤪3
We have malware samples from the recent 3CX VOIP supply chain attack.
- SmoothOperator.7z
- 48.1MB compressed
- Samples from CrowdStrike and SentinelOne reports
You can download the malware samples here: https://share.vx-underground.org/
- SmoothOperator.7z
- 48.1MB compressed
- Samples from CrowdStrike and SentinelOne reports
You can download the malware samples here: https://share.vx-underground.org/
🔥27🥰4👍2
MacOS malware expert patrickwardle has been covering the MacOS variant of the 3CX VOIP supply chain attack.
Additionally, we have managed to get our hands on the MacOS variant.
Download: https://share.vx-underground.org
Analysis: https://twitter.com/patrickwardle/status/1641294247877021696
Additionally, we have managed to get our hands on the MacOS variant.
Download: https://share.vx-underground.org
Analysis: https://twitter.com/patrickwardle/status/1641294247877021696
Twitter
RE: The 3CX VOIP supply chain attack, vendors have stated that macOS was also targeted - but I couldn't find any specific technical details (yet) 🍎🐛☠️
One vendor stated, "we cannot confirm that the Mac installer is similarly trojanized"
...let's dive in!…
One vendor stated, "we cannot confirm that the Mac installer is similarly trojanized"
...let's dive in!…
🤯10❤4👍2💯1