The ALPHV ransomware group's modus operandi has changed. The tone of their recent victim postings has changed significantly. They do not come across as calm and professional as ALPHV traditionally has.
Someone is new to their group and much more vocal.
Image 1. New ALPHV
Image 2. Old ALPHV
Symantec Threat Hunter Team discovered the X-Trader supply chain attack, which resulted in the 3CX supply chain attack, hit critical infrastructure - European and American electrical grid suppliers
More information: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/xtrader-3cx-supply-chain
X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe
North Korean-linked operation affected more organizations beyond 3CX, including two critical infrastructure organizations in the energy sector.
There is a direct correlation between hours of anime watched and reverse engineering skills.
The longer someone watches anime, the better they are at reverse engineering.
Scientists do not know why.
Andy Greenberg's book "Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency" is an incredible book. It reads well. It allows a reader to understand the flaws in cryptocurrency and truly emphasizes the incredible research by people like Sarah Meiklejohn.
This isn't an advertisement for him - this book is genuinely an amazing read. Shoutout to Andy.
We've updated the vx-underground malware sample collection. We have added new samples for the following families:
- AgentTesla
- AsyncRAT
- WhisperGate
- RagnarLocker
- YoungLotus
- Blackmoon
- Emotet
- Remcos
- Trickbot
Check it out here: https://samples.vx-underground.org/samples/Families/
We've updated the vx-underground malware source code collection. We've added Win32.SimpleWalletClipper.Xss.
Special thanks to BasssterLord/NationalHazardAgency for getting the source code for us.
Check it out here: https://github.com/vxunderground/MalwareSourceCode/tree/main/Win32/Stealers
We've updated the vx-underground malware collection.
- InTheWild.0067
We have added new samples for the following families:
- BlackCatRansomware
- FormBook
- AsyncRAT
- Amadey
- Danabot
- Emotet
- WhisperGate
- LokiBot
- Remcos
Check it out here: https://vx-underground.org/malware.html
Today VirusTotal announced that each sample uploaded will be accompanied by "Code Insight". Code Insight uses Sec-PaLM, one of the generative AI models by Google, to explain what the malicious binary is doing.
Code Insight is available to all users.
tl;dr "they took my job"
The vx-underground C2 is superior to every Red Team tool on the market.
- Simple
- Robust
- Customizable
- Cross-platform
- Evades all AVs/EDRs
- Reliable
- Not affected by geomagnetic storms
- Immune to EMPs and (probably) nuclear explosions
Requirements: 2 old cans and string
Reminder that we have a Discord server dedicated to monitoring ransomware group postings, government alerts, and dozens of cyber security vendors.
VX Feed Discord invite:
https://discord.gg/BBtPURBaJW
vx-underground has received exclusive footage of a young ransomware operator receiving his first pay out.
Viewer discretion is advised.
We've updated the vx-underground malware sample collection. We have added new samples for the following families:
- RtPOS
- SysJoker
- StrifeWater
- Micropsia
- zLoader
- LokiBot
- AgentTesla
- StrRAT
- CoinStomp
Check it out here: https://samples.vx-underground.org/samples/Families/
AtlasOS, a modified version of Windows 10, is being discussed on YouTube. AtlasOS is described as a "transparent and streamlined modification of Windows".
AtlasOS is designed for gamers. To improve Windows, they have removed Windows Defender, Restore Points, and Security Updates.