We're working on something kind of unique right now. It's really cool and you nerds will be like "lol wtf"

Also, hope everyone had a good weekend:)

thank god

tl;dr Chinese state-sponsored hackers indicted. Long story. Full indictment can read here: https://www.justice.gov/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived

Summary:
Today the United States Department of Justice indicted seven individuals believed to be tied to Chinese-stated sponsored group APT31 a/k/a TA412 a/k/a Violet Typhoon a/k/a Zirconium.

The individuals indicted are:
- Ni Gaobin, 38
- Weng Ming, 37
- Cheng Feng, 34
- Peng Yaowen, 38
- Sun Xiaohui, 38
- Xiong Wang, 35
- Zhao Guangzong, 38

All are believed to reside in the People's Republic of China.

The individuals are charged with conspiracy to commit computer intrusions and conspiracy to commit wire fraud. The individuals are believed to have spent the past 14 years targeting United States and foreign critics, businesses, and political officials to further Chinese economic espionage and foreign intelligence objectives.

The full write up, and indictments, from the United States Department of Justice is lengthy and gives more details on their actions.

Top-gg, the self-proclaimed largest collection of Discord bots, was subject to a supply chain attack. The unidentified Threat Actor(s) created a fake Python package domain to deliver poisoned Python packages.

These individual(s) successfully compromised a GitHub maintainer for Top-gg and modified the code base.

You can read the full article here: https://www.bleepingcomputer.com/news/security/hackers-poison-source-code-from-largest-discord-bot-platform/

Our page engagement is 5x - 10x higher when we shit post. We've become profoundly gifted in the art of shitposting over the past 5 years of vx-underground.

tl;dr we're digital archaeologists

We can't spoil this too much – but we found an online gem. It's an old video game, released in 1994, that still has servers online. We aren't entirely sure how they're online, or why, but they're still here. It has a daily peak of 50 users whereas in the 1990's it had nearly 500,000 users online daily.

The game client recommends specs of the following:
- 300MHz (800MHz ideally)
- 128MB+ RAM
- Windows 98, Me, 2000
- Windows Media Player 6.4 or later
- 3D acceleration (64mb+ video RAM)

Currently this game has 206 servers online. The game held online expos and/or conventions which were sponsored by companies like Microsoft, Intel, Boeing, and dozens of now defunct companies.

Interestingly, the game also has a server which was briefly pitched as a United States Department of Defense virtual-command center ... which is still online and actively maintained as of 2024-03-25. Around approx. 1999 this server was pitched to United States government personnel to cooperate with allies in Africa – it features a now defunct United States x Africa virtual command center. It currently has a command center for the United States, Israel-Gaza conflict, Ukraine-Russia conflict, and COVID19 information command center. We spoke with the maintainer of this server and learned a lot about him, the game, why he is still around, and so much more. It is profoundly interesting.

Out of the remaining servers are also old virtual meetups, with photos of the people who attended, dating back the early 2000s. It has a birthday server.. for a woman who held an online birthday party sometime in the early 2000s.

It has a teenager server hangout room which was last updated December, 2001. There are lots of notes and images in the teenager server of teens from the 90's writing 'X was here May, 1999' and so on.

The game also features an online graveyard. It is maintained by a woman, who has listed her PII in the game, and has probably 20+ friends who have passed away. It has photos, messages, virtual flowers, and more.

Woke up to internet dorks angrily proclaiming, screaming at the top of their lungs, we are forbidden from discovering something already discovered.

Unironically we get more negative feedback about video games than we do talking to internationally wanted criminals

Anyway, we weren't going to make a video about this... because we don't make videos and we don't profit from our tweets (okay, maybe a few pennies, we're so sorry).

But let it be known!! They are correct – we watched VineSauce and RedLyne! Please forgive us 😭🙏

We've updated the vx-underground malware collection. We've added approx. 24,000 malware samples. All are synced with the VXDB.

- XWorm
- Remcos
- zLoader
- PikaBot
- QakBot
- Konni
- LummaStealer
- PureLogStealer
- Android.Anatsa
- Gh0stRAT
- IcedId
- BackMyDataRansomware
- AresLoader
- Android.Teabot
- Turla
- AgentTesla
- VirusSign.2024.03.18
- VirusSign.2024.03.19
- VirusSign.2024.03.20
- VirusSign.2024.03.21
- VirusSign.2024.03.22
- VirusSign.2024.03.23
- VirusSign.2024.03.24

pr department hahahaha

Over the past couple of days we have become aware of malware targeting gamers! More specifically, a currently unidentified Threat Actor is utilizing an infostealer to target individuals who cheat (Pay-to-Cheat) in video games.

A Call of Duty cheat provider (PhantomOverlay) was alerted of fraudulent activity when user accounts began making unauthorized purchases. The cheat provider was the first to notice the fraudulent activity and reached out to the suspected victim. Since the initial victim was identified, more and more victims have been identified.

The scope of the impact is so large, and in a bizarre twist of fate, Activision Blizzard is coordinating with cheat providers to aid users impacted by the massive infostealer campaign.

Currently there is a presumed impact of:
- 3,662,627 Battlenet accounts compromised
- 561,183 Activision accounts compromised
- 117,366 Elite PVPers accounts compromised
- 572,831 UnknownCheats accounts compromised
- 1,365 PhantomOverlay accounts compromised

When Elite PVPers was approached by PhantomOverlay administrative staff about the compromised accounts, Elite PVPers confirmed they have identified 40,000+ valid user accounts compromised. These are seemingly freshly stolen credentials and are not present from previous publicly available credential dumps. However, due to the size of the data we have not been able to thoroughly review the data for duplicates.

Additionally, impacted users have begun reporting being victims of crypto-draining – their Electrum BTC wallets have been drained. We do not have any information on the amount of money stolen.

It should be noted that some of these accounts are also not cheaters. Some users impacted utilized gaming software for latency improvement (?), VPNs, and Controller Boosting software

(we don't know what this means)

DarkGate loader has the most sophisticated loader we've ever seen. It's over for the anti-virus industry. How would anyone defeat or detect this?!

Unpopular opinion: cheating in video games is cool and badass

You should have nothing but the utmost respect for nerds who spent their time reverse engineering a game and developing ways to cheat. It isn't easy work especially with the advancement of anti-cheats.

FTX founder Sam Bankman-Fried has been sentenced to 25 years in prison.