I lied. I didn't add 100,000 malwares yesterday. I added 325,000 malwares yesterday.
Hello,
2,000 kitty cat pictures have been added to the kitty cat picture collection. Please look at them. It is very important.
./Archive/Cat Picture Collection
https://vx-underground.org/
Yesterday a video game streamer named RastalandTV inadvertently livestreamed themselves being a victim of a cryptodraining campaign.
This particular spearphishing campaign is extraordinarily heinous because RastaLand is suffering from Stage-4 Sarcoma and is actively seeking donations for their cancer treatment. They lost $30,000 of the money which was designated for their cancer treatment. In the steam clip their friend tries to console them while they cry out, "I am broken now."
They were contacted by an unknown person who requested they play their video game demo (downloadable from Steam). In exchange for RastaLand playing their video game demo on stream, they would financially compensate them.
Unfortunately, the Steam game was actually a cryptodrainer masquerading as a legitimate video game.
Rastaland, I am truly sorry for what has occurred. What you're experiencing is profoundly tragic. It is not fair. You're a victim. I hope by sharing this incident with my large follower base maybe something positive can come from this experience.
https://www.gofundme.com/f/57p5a-help-me-beat-stage-4-cancer
Previously we made a post about a cancer patient being a victim of a malicious Steam game. It is a cryptodrainer masquerading as a free-to-play video game.
Based on reports and conversations occurring online, this is the malicious video game:
https://store.steampowered.com/app/3872350/BlockBlasters/
However, it is important that I note that I have not personally reviewed the game yet to determine if this is actually malware. This is what the victims allege or believe to be the culprit.
I guess we lookin' at this mfer fr
Chat, I'm not a video game developer, but this file looks strange. Why does this video game contain a .bat file that looks for your browser credentials and crypto wallets?
https://www.virustotal.com/gui/file/3766a8654d3954c8c91e658fa8f8ddcd6844a13956318242a31f52e205d467d0
Dawg, one of their boys is on VirusTotal flagging ransomware files as safe (comments or safe upvotes)
https://www.virustotal.com/gui/user/zombiebunny/comments
Dawg, why did these cryptodrainer nerds leave their Telegram credentials exposed in plain text in their drainer?
Who are these people and why do they target cancer patients?
Update: entire channel has been deleted. Accounts also deleted.
Where did they go? :(
Clicked the wrong button, accidentally pulled their infrastructure and victim logs, all 907 victims
> find sketchy steam game
> download it
> find shitty .bat
> open it
> find hardcoded telegram creds
> get everything
> pull infra and all logs
dawg, you have to write better malware. took less than 30 minutes bro. you gotta lock in
DAWG WHY DID YOU WHITELIST BY STEAM ID
Okay, I'm done looking at the malware. I enjoyed reversing it and looking at it. I've got stuff I gotta do now though.
Interesting technique by "David" to hire someone from Telegram to make the video game. I never considered this as a TTP. +1 cat picture for the clever idea.
-1 cat picture for using generic malware. This is probably some DaaS or ChatGPT malware. Makes use of Python and .BAT stuff.
-1 cat picture for draining a person with stage-4 cancer. That is really fucked up bro.
Game on Steam:
"BlockBlasters"
Fake VirusTotal user:
"zombiebunny"
Hashes:
"bot"
af2f245a28134ec9ac8e790ecd897a24f9ae7a254aa97dc72d19b6cbaf3233e9
"game2"
aa1a1328e0d0042d071bca13ff9a13116d8f3cf77e6e9769293e2b144c9b73b3
"h"
9c6e4acc987f305ab039c8384c14d1cc303f1ad6296364faa96cbb351729e84d
"Index"
85e815ed3a9a52f13833f39fa47e249a8d463830162b62da6df8deaea89d1010
"Test"
db919e9d879050bba18295adb71f5b1866d0bdb9759bdfc9e2cca719514f7004
White listed users:
79d69f9a712d239a8d66d8f41b78719e93f8c6308f4eb4d6208d227d72ce894e
Bro decides to throw a party after draining $32,000 from a cancer patient
tl;dr of today
> rastalandTV gets crypto drained
> he has stage 4 cancer
> hes targeted specifically for his cancer treatment money
> loses $32,000
> nerds band together
> ZssBecker donates $30,000 to him
> malware nerds come together
> drainer infra found
> pull all victim data from infra
> victims will be notified
> all malware flagged
> osint nerds come together
> find drainers info from their telegram ids
> find info from their steam ids
tl;dr tl;dr stage 4 cancer bro gets fucked over, 50+ nerds band together to undo the damage
fuck cancer