vx-underground
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
🤔
Updates:

-We are aware some samples have become corrupted post migration. All have been repaired. Go live is October 22, 2021.

-18,000+ PDBs & symbols in queue for our reverse engineer friends
Monday, October 18th, 2021 a Turkish individual leaked source code to Cerberus Android Banking Trojan. This appears to be a variant of a previously leaked version we possess.

You can download Android.Cerberus.d here: https://github.com/vxunderground/MalwareSourceCode/tree/main/Leaks/Android
Additions to the VXUG papers collection:

-SmashEx: Smashing SGX Enclaves Using Exceptions by Jinhua Cui, Jason Yu, Shweta Shinde, Prateek Saxena, Zhiping Cai

-Analyzing ransomware negotiations with CONTI: An in-depth analysis by DIFR Research Group

https://vx-underground.org/papers
Groove ransomware group asks ransomware operators to unite to attack the United States. Groove asks operators to stop attacking Chinese organizations and warns of a possible race war in the United States.

Image 1: EN
Image 2: RU
Conti ransomware group has put out a statement regarding the recent REvil activities. We have archived it and placed it on Pastebin.

Title: Announcement. ReviLives.
Subject: Own opinion.

You can read it here: https://pastebin.com/kMQAbcFa
Following the recent fallout of REvil, the new spokesperson of REvil, 0_neday, has been banned from XSS.
Espector.7z
101.6 KB
I will share something on Telegram before it goes live on vx-underground. Here are samples of APT Espector, a Chinese UEFI Bootkit, and FiveSYS, a Microsoft signed Windows Rootkit. :) Have a good weekend :)

-smelly
We have another ransomware toolkit leak. We will share it soon.

Happy weekend, Blue Teams.
Updates to the vx-underground APT collection:

- FiveSYS, Microsoft signed Rootkit
- TinyVNC from Kimsuky Group
- APT Harvester campaign
and more...

Check it out here: https://vx-underground.org/apts

*Samples included
Total malware samples in the vx-underground malware collection: 2,348,257

Goal: 26,000,000
We've made updates to the vx-underground APT collection:

- FontOnLake, linux malware
- APT InSideCopy

Samples and papers included.

Check it out here: https://vx-underground.org/apts
We've updated the vx-underground malware source code repository. We have added Android.GhostBot, an Android spyware proof-of-concept capable of surveillance on the target, with functionality similar to Pegasus.

You can check it out here (under Android section): https://github.com/vxunderground/MalwareSourceCode
Grief ransomware group has ransomed the National Rifle Association (NRA).

Link: http://griefcameifmv4hfr3auozmovz5yi6m3h3dwbuqw7baomfxoxz4qteid.onion
๐Ÿ‘1
Friday, October 29th, 2021 we will release the ransomware toolkit we have acquired.

The tools we possess have been confirmed to be used by both Conti ransomware group and BlackMatter ransomware group. They are scripts stolen from TeamTNT - modified to deliver ransomware.