"We do not forgive, we do not forget, we have over 9000 penises" - Anonymous
We see a new ransomware blog pop up online every couple of weeks.
Apparently everyone and their grandma is in a ransomware group now.
Ransomwatch has a fairly comprehensive list: https://ransomwatch.telemetry.ltd/#/INDEX
vx-underground is 4 years old.
Thank you for another exciting year.
Thank you everyone for the love and support. We are continuing our work and will continue to expand our library of malware source, samples, and papers.
We've updated the vx-underground malware family collection.
- HermeticWiper
- Turla
- ElectronBot
- AvosLockerRansomware
- XLoader
- Formbook
- Valyria
- BlackCatRansomware
- Remcos
- DanaBot
- RedLine
- PhobosRansomware
- SharkBot
Check it out here: https://samples.vx-underground.org/samples/Families/
For our Russian speaking friends:
We have collected every issue of the magazine «Хакер» from 1999 to 2022. It is 14 GB in size. We will start uploading the articles soon.
We've updated the vx-underground malware family collection.
- AvosLocker
- AgentTesla
- Emotet
- RaccoonStealer
- Coroxy
- LazyScripter
- SmokeLoader
- Escobar
- Valyria
- RedLine
- CobaltStrike
- PandoraRansomware
- WhisperGate
Check it out here: https://samples.vx-underground.org/samples/Families/
Change your Steam ID to include the word "antidisestablishmentarianism".
Steam server provider Akamai bans the word. However, Steam does not. The word will (almost) destroy your Steam profile.
More information: https://www.youtube.com/watch?v=l8mvWiNs30M
The new Microsoft Windows 'Dev Drive' feature will be a game changer. Expect to see a monumental increase in malware in development environments.
We've updated the vx-underground malware family collection.
- WhiteBlack
- Danabot
- EnemyBot
- Gh0stCringe
- LokiLocker
- ArkeiStealer
- Qakbot
- RookRansomware
- IcedId
- CaddyWiper
- HydraBankBot
- BlackMatter
Check it out here: https://samples.vx-underground.org/samples/Families/
A summary of malware trends and discussions we have witnessed in the past few weeks and the response from Twitter nerds
A qTox 1.17.6 (current version) RCE 0day is for sale.
It would give nerds the ability to pwn literally every ransomware group, and major Threat Actor, on the planet. All it requires is sending a friend request, and the other person accepting it.
It is being sold for $500,000
The exploit has been sold. The buyer has not been publicly identified.
"Now how am I going to make new friends? Don't message me on qTox, I only have old friends )))" - Lockbit ransomware group administrative staff
We've updated our Windows malware paper collection.
- 2012-11-01 - SizeOfStackReserve As Anti-Attaching Trick
- 2021-01-20 - Process on a diet anti-debug using job objects
- 2023-05-02 - Preventing application creation by IFEO keys
Check it out here: https://www.vx-underground.org/windows.html
A Threat Actor leaked the private GitHub repos from Panopta, a company recently acquired by Fortinet.
The breach appears to have taken place before or on December 22nd, 2022.
The mayor of Augusta, Georgia, told local media outlet WRDW_WAGT they were not a victim of BlackByte ransomware group
This is an incredibly bold move - denying being a victim, while data is actively being leaked and distributed, is a galaxy brain moment
https://www.wrdw.com/2023/05/25/mayor-denies-getting-ransom-demand-fix-computer-outage/