Administrative update:
- I am slowly, but surely, revising the entire malware analysis collection. In essence, I am downloading every malware analysis paper and pulling the related malware samples with it. It is several million samples going back to the beginning of time (2001-ish). I don't know what to call this collection of stuff, so it's literally just "Malware Analysis". I will merge the old APT collection with this, eventually.
- I am slowly resuming my work on archiving malware development papers. My workload has been minimized because this nerd 5mukx posts all sorts of malware papers he finds. I've been going based off his tweets. He doesn't know he is my official malware paper feed. I might offer him a job at vx-underground (I'm poor, I just mean beg him to help me).
- Some random French guy named Dunt has been helping me archive papers too.
- I'm bringing in like, 8,000 (+/-) malware samples a day thanks to petikvx and virussign. He is a blessing. I love him so much. I barely talk to the guy. I just check the website and he keeps pushing malware. He's doing it for the love of the game and nothing else. He is also French. I love French people. I think the VirusSign people are Canadian. I love Canadians too.
- Besides working on vx-underground, I've been doing silly things like looking for cool and badass malware samples and unique payloads. I've had minor success. I've also noticed lots of cool malware development research stuff being published. Please slow down. I am behind and it's a lot of reading. I am too old for this shit.
- I have some other big news too, but can't share it yet (don't know if it'll come to fruition).
- Nerds keep asking me about BlockBlasters. If OSINT nerds give me approval I'll share more details. I mostly did the malware stuff. OSINT nerds have been digging into that shit for like, 4 days straight. They're so deep down the rabbit hole I don't even know what's going on anymore.
- Infrastructure for vx-underground is pretty steady thanks to TorGuard. This guy just sends me cat memes and money for stuff. I ask if he wants anything else, he just says "keep working on vx-underground". I said "okie np".
Anyway, while I continue to work slowly in the background I'll probably continue to make schizo posts, weird ass memes, post cat pictures, and make unusual commentary on cybersecurity events.
Thank you for the love and support.
- smelly smellington
Really behind on stuff
Just going to be pushing unusually specific, esoteric, or weird stinky nerd tech memes for a few days
Chat, we're back to deranged posting for a few days. Buckle up.
certified hood classic
This isn't AI. Gucci Mane reportedly said the rap game isn't for him and he's decided to enroll in a code bootcamp. It inspired him to write this song.
If you pretend to be a little girl on Roblox, pedophiles give you free stuff. It's badass.
Was reading my baby boy Windows Internals Volume 1 and he started crying.
Oh, so the shiny book with the pretty lady singing about monkeys and bubble gum trees is cool but Windows Internals isn't? This mfer's brain is ROT, bro.
I've made a few intentionally ambiguous posts about Terraria because I was trying to get nerds who do stuff with it to give a fuck.
Turns out they don't give a fuck in any capacity whatsoever, so I'll just go full disclosure. When someone brought it to tModloader's attention they said it isn't a big deal. Okie dokie.
In Terraria there is a mod called tModloader. It is available for download on Steam.
If someone hosts a game and has tModloader installed, and the person joining (the client) has tModloader installed, the client will arbitrarily download the mods used by the game host.
Very cool
However, if the game host has malicious mods installed then the client who joins the host will arbitrarily execute the malicious mod with no prompting. The malware payload will run in the context of tModloader.
This has been used on and off since roughly 2016. There are dozens of posts about it on places like Reddit, Discord, and Steam. Some nerds have considered making a "tModloader sandbox" to prevent mods from being able to access components outside the scope of Terraria. Unfortunately, nothing has been done to prevent this and/or encapsulate mods. Obviously there is no "signing" mechanism for mods.
The host being able to execute mods on the client is intended behavior. Hence, it is not a vulnerability. It is a feature which is being abused.
This technique has been used most recently for cryptodraining malware campaigns (akin to spear phishing). It has been used historically to deploy RATs and information stealing malware.
The technique requires some social engineering to convince someone to join the host; however, that is not particularly difficult.
I have a working proof-of-concept. It isn't hard at all. It's shockingly easy.
Thanks for coming to my TED Talk.
Thank you, Telegram nerds, for giving me code, proof-of-concepts, and explanations of how it works. I initially discussed it on Telegram and dozens of nerds came forward to share their insights, opinions, and code.
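The post above describes the core problem: the client runs whatever mods the host supplies, with no prompt and no signing. The following is an added example (not tModloader's code, nor code from the post or its Telegram contributors) of the kind of load gate the "sandbox" and "signing" discussion points at: before anything host-supplied is executed, its SHA-256 is checked against an allowlist of mods the user installed deliberately, and everything else is quarantined instead of loaded. The mod names, bytes and the `ModFile` type are constructed for the example; it assumes the loader can hash a downloaded mod before handing it to the runtime.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class ModFile:
    """A mod as it would arrive from a game host: a file name plus its bytes (constructed type)."""
    name: str
    data: bytes


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_allowlist(trusted_mods):
    """Pin the hashes of mods the user installed deliberately (from Steam, the
    Workshop, or by hand). Only the content is trusted, never the file name."""
    return {sha256_hex(m.data): m.name for m in trusted_mods}


def gate_host_mods(host_mods, allowlist):
    """Decide, per host-supplied mod, whether it may be loaded.

    A mod is loaded only if its SHA-256 matches a pinned, user-installed mod.
    Anything else is quarantined: kept out of the load path and surfaced to
    the user instead of being executed. Matching on the hash rather than the
    name means a host cannot smuggle code in under the name of a mod the user
    already has.
    """
    decisions = []
    for mod in host_mods:
        digest = sha256_hex(mod.data)
        decision = "load" if digest in allowlist else "quarantine"
        decisions.append({"name": mod.name, "sha256": digest, "decision": decision})
    return decisions


def load_plan(decisions):
    """Split the gate's decisions into the names that run and the names held back."""
    loads = sorted(d["name"] for d in decisions if d["decision"] == "load")
    held = sorted(d["name"] for d in decisions if d["decision"] == "quarantine")
    return loads, held


# Constructed sample data (not real mods): the user trusts exactly one mod locally.
TRUSTED = [ModFile("QualityOfLife.tmod", b"MZ trusted qol mod bytes")]
ALLOWLIST = build_allowlist(TRUSTED)

# The host pushes three mods: the same QoL mod byte-for-byte, a mod with the
# same name but different bytes, and a mod the user never installed.
HOST_PUSHED = [
    ModFile("QualityOfLife.tmod", b"MZ trusted qol mod bytes"),
    ModFile("QualityOfLife.tmod", b"MZ something else entirely"),
    ModFile("FreeItems.tmod", b"MZ unknown host mod"),
]

if __name__ == "__main__":
    for d in gate_host_mods(HOST_PUSHED, ALLOWLIST):
        print(f"{d['decision']:10} {d['name']}  sha256={d['sha256'][:16]}...")
```

Only the first of the three host mods passes; the same-name lookalike and the unknown mod are held back, which is the property a signing or pinning mechanism would give tModloader users that the current "download and run" behaviour does not.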
Yes, this can be done in other games too (probably). I don't follow game nerd malware stuff too closely, so maybe this isn't as novel as I perceive it to be. However, I think it's a really cool initial access and/or malware deployment method. I'm genuinely impressed by the ingenuity of nerds.
I would have easily fallen for this if I played Terraria with tModloader.
One way to differentiate a real nerd from a phony nerd is their appreciation of stuff
For example, someone may share an idea, or proof-of-concept, which illustrates something which is unusual
A nerd will appreciate it for its documentation and appreciate that someone has shared this finding
A phony nerd will almost immediately, without hesitation, question the applicability of the thing being presented
Dawg, not everything has to have a purpose. Sometimes things are fun. Sometimes it's cool to do shit, just to do shit. Not everything has to be for profit, or progress, or whatever the fuck else.
I've done so much useless stupid bullshit just because I thought it was interesting.
I've seen nerds share weird ass notes on something they reversed on Windows that basically no one uses or gives a shit about, and I love it and appreciate it.
You can just do things bro
The unknown is cool and badass. Explore it
If it's known and you wanna explore it, do it anyway so you can experience it yourself
Just fuckin have fun idfk
A long time ago, I worked with a man who was victim to a romance scam.
He was a very obese man, desperately wanting a girlfriend. He had poor hygiene and had a habit of making wildly inappropriate comments to women in a (poor) attempt to flirt with women.
One day he low-key made a comment about his "girlfriend". We knew this was his attempt to bring up the subject. We were all very happy for him and congratulated him.
When we asked "who's the lucky lady?", he showed us a photo of what could possibly be an Instagram influencer. It was a very pretty and busty Hispanic woman. It was very obviously not his "girlfriend".
We said, "No, seriously, who is your girlfriend?", and he very seriously asserted this was his significant other.
He told us he met her on a dating app. He told us she was a doctor studying abroad and currently resides in Africa.
We asked if he had ever verbally spoken with her and he said no. He said where she lives she doesn't have good cellular service (yet she's on a dating app?).
We all kind of looked at each other in disbelief and shrugged. We didn't bring it up ever again.
Over the following months he'd occasionally comment that his "girlfriend" needs money for her cell phone, for a plane ticket to visit "her mom", money for "school supplies". He had given "his girlfriend" thousands upon thousands of dollars over the time span of just a few months.
One day he commented, "I think she's just using me for my money". It hadn't come into question yet in his mind that this was a scammer.
Then suddenly, without comment, he would appear at work unusually scruffy and unusually stinky. He stopped mentioning his girlfriend ever again. When we mentioned her, he would try to convince us that he "never had a girlfriend" and that we were misremembering things. It was almost like he was in complete denial about the entire experience.
It wasn't until several years later, when we no longer worked together, that he would confess it was an African man pretending to be a woman, and they had scammed him out of approx. $12,000.
Kido Schools, an international nursery business, which is "for parents, by parents", is a fucking nightmare come alive.
6,000 pre-school kids' PII being extorted. 20,000 parents' PII being extorted.
Look at this fucking slop piece of shit
https://github.com/kido-fullstack/mykido-api/blob/master/mail.py
The fucking developers accidentally exposed some of the internal software suite and left hardcoded SMTP credentials in the code.
This is the fucking slop shit that's protecting children online? Fire everyone immediately
Parents: if you can't find a family member to watch your kids, bring them to a local mom-n-pop nursery type place. Don't bring them to a for-profit international business trying to monetize your children