Use Twitter image description feature as a C2.

See example in attached link: https://twitter.com/vxunderground/status/1649251062820249600

The European Union likes distributing malware

Information via bigfack

Symantec Threat Hunter Team discovered the X-Trader supply chain attack, which resulted in the 3CX supply chain attack, hit critical infrastructure - European and American electrical grid suppliers

More information: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/xtrader-3cx-supply-chain

There is a direct correlation between hours of anime watched and reverse engineering skills.

The longer someone watches anime, the better they are at reverse engineering.

Scientists do not know why.

Andy Greenberg's book "Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency" is an incredible book. It reads well. It allows a reader to understand the flaws in cryptocurrency and truly emphasizes the incredible research by people like Sarah Meiklejohn.

This isn't an advertisement for him - this book is genuinely an amazing read. Shoutout to Andy.

We've updated the vx-underground malware sample collection. We have added new samples for the following families:

- AgentTesla
- AsyncRAT
- WhisperGate
- RagnarLocker
- YoungLotus
- Blackmoon
- Emotet
- Remcos
- Trickbot

Check it out here: https://samples.vx-underground.org/samples/Families/

Suicide is not the answer. Seeking help is a sign of strength.

We've updated the vx-underground malware source code collection. We've added Win32.SimpleWalletClipper.Xss.

Special thanks to BasssterLord/NationalHazardAgency for getting the source code for us.

Check it out here: https://github.com/vxunderground/MalwareSourceCode/tree/main/Win32/Stealers

We've updated the vx-underground malware collection.

- InTheWild.0067

We have added new samples for the following families:

- BlackCatRansomware
- FormBook
- AsyncRAT
- Amadey
- Danabot
- Emotet
- WhisperGate
- LokiBot
- Remcos

Check it out here: https://vx-underground.org/malware.html

The password to all of our archives is 'infected'

The compressed files we create, which is created from Linux or Windows OS's, are not natively compatible with MacOS

MacOS uses a different methodology to compress files and directories. The 'unzip' utility will not work, sorry.

Hey Blue Team nerds in the Northern parts of the United States and Canada - does your contingency plan cover G4 Geomagnetic Storms?

Lockbit ransomware group put out an advertisement today. They are hiring an entry-level QA tester.

Primary requirements include:
- No social life
- Be greedy

Intel via crocodylii

You may not like it but this is what a true 1337 hacker looks like

Today VirusTotal announced that each sample uploaded will be accompanied by "Code Insight". Code Insight uses Sec-PaLM, one of the generative AI models by Google, to explain what the malicious binary is doing.

Code Insight is available to all users.

tl;dr "they took my job"

We cannot fathom the amount of computational resources required to programmatically send each sample on VirusTotal, which is roughly 13PB, through an AI sandbox to generate a description for it.

Google going he-man with the malware samples

Reminder that we have a Discord server dedicated to monitoring ransomware group postings, government alerts, and dozens of cyber security vendors.

VX Feed Discord invite:
https://discord.gg/BBtPURBaJW

vx-underground has received exclusive footage of a young ransomware operator receiving his first pay out.

Viewer discretion is advised.