We've updated the vx-underground malware source code collection. We've added Win32.SimpleWalletClipper.Xss.

Special thanks to BasssterLord/NationalHazardAgency for getting the source code for us.

Check it out here: https://github.com/vxunderground/MalwareSourceCode/tree/main/Win32/Stealers

We've updated the vx-underground malware collection.

- InTheWild.0067

We have added new samples for the following families:

- BlackCatRansomware
- FormBook
- AsyncRAT
- Amadey
- Danabot
- Emotet
- WhisperGate
- LokiBot
- Remcos

Check it out here: https://vx-underground.org/malware.html

The password to all of our archives is 'infected'

The compressed files we create, which is created from Linux or Windows OS's, are not natively compatible with MacOS

MacOS uses a different methodology to compress files and directories. The 'unzip' utility will not work, sorry.

Hey Blue Team nerds in the Northern parts of the United States and Canada - does your contingency plan cover G4 Geomagnetic Storms?

Lockbit ransomware group put out an advertisement today. They are hiring an entry-level QA tester.

Primary requirements include:
- No social life
- Be greedy

Intel via crocodylii

You may not like it but this is what a true 1337 hacker looks like

Today VirusTotal announced that each sample uploaded will be accompanied by "Code Insight". Code Insight uses Sec-PaLM, one of the generative AI models by Google, to explain what the malicious binary is doing.

Code Insight is available to all users.

tl;dr "they took my job"

We cannot fathom the amount of computational resources required to programmatically send each sample on VirusTotal, which is roughly 13PB, through an AI sandbox to generate a description for it.

Google going he-man with the malware samples

Reminder that we have a Discord server dedicated to monitoring ransomware group postings, government alerts, and dozens of cyber security vendors.

VX Feed Discord invite:
https://discord.gg/BBtPURBaJW

vx-underground has received exclusive footage of a young ransomware operator receiving his first pay out.

Viewer discretion is advised.

Lockbit ransomware group claims to have ransomed Elektrizitätswerk Wanfried von Scharfenberg KG.

EW Wanfried is an electric company.

They have attacked critical infrastructure.

We've updated the vx-underground malware sample collection. We have added new samples for the following families:

- RtPOS
- SysJoker
- StrifeWater
- Micropsia
- zLoader
- LokiBot
- AgentTesla
- StrRAT
- CoinStomp

Check it out here: https://samples.vx-underground.org/samples/Families/

AtlasOS, a modified version of Windows 10, is being discussed on YouTube. AtlasOS is described as a "transparent and streamlined modification of Windows".

AtlasOS is designed for gamers. To improve Windows they have removed Windows Defender, Restore Points, and Security Updates

tl;dr epic gamer move - remove all security features to get 10 extra frames on Fortnite

The very second we mention video games in conjunction with cyber security this is what we see

We've updated the vx-underground malware sample collection. We have added new samples for the following families:

- Emotet
- NjRAT
- Android.Flubot
- Vidar
- Android.Medusa
- Conficker
- HawkeyeKeyLogger
- Qakbot
- XRat

Check it out here: https://samples.vx-underground.org/samples/Families/

We at vx-underground demand the immediate arrest of all people between the ages of 13 and 19 - especially if they are into anime.

Being a teenager is illegal and for nerds.

https://www.theregister.com/2023/04/25/mandiant_rsa_teenage_hackers/

Today Lockbit ransomware group ransomed a day care center. When Lockbit ransomware group administration discovered the victim they issued an apology and claim to have fired the affiliate.

"I am ashamed" - Lockbit administration

We've updated the vx-underground malware sample collection - 32,217 malicious binaries are now available for bulk download.

Artwork via CallMeSirGus

Download the samples here: https://samples.vx-underground.org/samples/Blocks/