The craziest thing about the entire Scattered Spider trilogy is how simply they operated and how effective it was.
They didn't utilize 0day exploits. They didn't utilize novel and "undetectable" malware. They didn't exploit N-days or try to find vulnerable external facing machines.
All they did was call the help desk. That's it. That's literally it.
Scattered Spider performed basic reconnaissance from social media (LinkedIn), investor websites, and dug up any information they could about the company.
Then they called the help desk.
That's how they compromised banks, critical infrastructure, casinos, car manufacturers, petroleum companies, luxury brands, government entities, airlines, and record labels.
Once they got access they used basic open source tooling from GitHub. It was never anything super fancy.
All of these companies invested heavily into Threat Intelligence, SOC analysts, Endpoint Detection Response software, DFIR experts, and anything else you can think of and it was defeated by doing basic research on the company and calling the help desk
We're so fucked
vx-underground
The craziest thing about the entire Scattered Spider trilogy is how simply they operated and how effective it was. They didn't utilize 0day exploits. They didn't utilize novel and "undetectable" malware. They didn't exploit N-days or try to find vulnerable…
I'm telling you right now bro, if a girl joined in on their Scattered Spider spree, it would have been x100 worse.
Imagine some girl calls in. She tells the dork at the help desk that she's confused, doesn't understand computers, and says shit like "hehe you sound cute" or "wow you're so smart".
Bro would fold in a nanosecond. All security protocols right out the fuckin window.
That would probably be the first compliment that mfer on helpdesk has had in his life. They'd give that chick access to the domain controller if she wanted
Anyway, that's my nightmare fuel for you.
I guess I'll be doing a talk at Dakota State University via Discord.
Their cybersecurity club leader person (?) approached me and persuaded me to do a talk. They have expert negotiation skills. It was a long back and forth.
See attached image for the intense negotiation and bartering.
vx-underground
Crazy seeing a ZachXBT cameo performance in the Scattered Spider ransomware trilogy. Scattered Spider made $12,000,000 from ransoming Caesars Palace in Las Vegas. But then ZachXBT popped up and helped freeze the funds in January, 2024.
Anytime there is a crazy amount of crypto money going around this mfer pops up like the boogie man hahahahaha
Yesterday I made a post discussing women performing social engineering.
The post (and joke) was that if a woman calls helpdesk, pretends to be dumb with computers, acts confused, and comments things like "hehe you sound cute" or "wow, you're so smart", then exploitation is much easier.
Help desk nerds probably haven't received a compliment in years and would fold in a nanosecond.
Subsequently, someone commented, "How can someone counteract this?"
The answer is simple. Hire women.
It's a well known and scientific fact women are immune to other women trying to coerce them. It is equivalent to a fire type Pokemon trying to fight a fire type Pokemon.
If the helpdesk lady encounters a woman pretending to be dumb, she'll immediately pick up on it.
Help desk lady will not fold.
Help desk lady will not fall for the trap.
Help desk lady will be annoyed instead of flattered.
Help desk lady is our only true savior
vx-underground
Yesterday I made a post discussing women performing social engineering. The post (and joke) was that if a woman calls helpdesk, pretends to be dumb with computers, acts confused, and comments things like "hehe you sound cute" or "wow, you're so smart", then…
This playfully sexist joke is sponsored in part by NyQuil. You can drink NyQuil even if you're not sick.
Thank you, NyQuil, for making me possess deranged thoughts such as comparing women to Pokemon
Today is a day of mourning.
We have been informed Turbo the Kitty Cat has passed away.
Rest in Peace, Turbo
Lots of discussion online today about two actions performed by United States President Donald J. Trump which are expected to heavily impact the Cybersecurity and Information Technology ecosystem.
There is a shit load of yappin' online about the executive order titled, "Gold Visa" and Presidential Proclamation titled, "Restriction of Entry of Certain Nonimmigrant Workers".
Both the executive order and Presidential Proclamation were signed September 19th, 2025.
Both the executive order and Presidential Proclamation are kind of lengthy.
The non-headline-grabbing summaries that aren't AI slop:
"Gold Visa" tl;dr
- Says United States immigration policy sucks
- Says immigrants hurt America
- Gift America $1,000,000 to get an expedited visa
- Companies can gift on someone's behalf
- Companies must gift $2,000,000 for someone
- Still subject to background checks
- Non-refundable
- Money will be used to improve American stuff
- Goes into effect in 90 days
"Restriction of Entry of Certain Nonimmigrant Workers" tl;dr
- Says companies abuse H1B
- Says tech companies exploit H1B workers
- Says H1B fucks over American STEM nerds
- Specifically says H1B fucks computer nerds
- Says over 30% of IT is H1B
- Says H1B IT fucks over college kids looking for jobs
- Says H1B replacing Americans because cheaper
- Says H1B is a threat to National Security
- Going to charge for H1Bs now
- H1B charging fees start September 21st, 2025
- $100,000 per H1B employee per year
- Hired H1Bs must be explained why they need them
- H1Bs are subject to more background checks
- H1Bs can be denied for any reason
This proclamation is expected to be catastrophic to large IT companies such as Amazon, Infosys, Cognizant, Google, Meta, Microsoft, and Apple
If these companies fully comply with the Presidential Proclamation (not terminate H1Bs, keep them), these companies will be paying the following amounts of money PER YEAR to keep their H1B employees
Amazon: $930,000,000
Infosys: $810,000,000
Cognizant: $630,000,000
Google: $540,000,000
Meta: $480,000,000
Microsoft: $470,000,000
Apple: $390,000,000
In other words, the top IT companies will end up paying $4,250,000,000 annually for H1B workers... or fire them and replace them with Americans.
My internet connectivity has been absolute dog ass for years. I've been using this old ass fuck off modem and router combo. It was like, 10 years old.
I went to the local poopy pants store (computer store) and purchased this stupid expensive modem router combo thingy that looks like it's from the year 3035.
Dawg, I'm getting 2Gbps down
Before I was getting 25 Mbps down (if I was lucky). I never even questioned why my connection was so slow despite paying so much money. I was too focused on cat pictures and malware to think good
tl;dr im dumb as hell
Updates:
- Malware Analysis section expanded for 2025
- Papers section expanded
- New categories for papers added
- 100,000+- malware samples uploaded
New papers:
- 2025-09-18 - More Fun With WMI
- 2025-07-16 - Under the Hood of AFD.sys Part 1
- 2021-01-25 - Advanced obfuscation with LLVM and template metaprogramming
As is tradition, 4chan is doing some trolling.
They've launched "Operation Clogged Toilet".
They're intentionally reserving flights (prior to payment confirmation) from places such as India to the United States to prevent potential H1B holders from returning to the United States.
I lied. I didn't add 100,000 malwares yesterday. I added 325,000 malwares yesterday.
Hello,
2,000 kitty cat pictures have been added to the kitty cat picture collection. Please look at them. It is very important.
./Archive/Cat Picture Collection
https://vx-underground.org/