> be me
> have malware idea
> plug phone into pc
> malware detects phone
> automagically steals data off phone
> spend time working on it
> deal with all sorts of dumb shit c winapi
> fails
> ???
> fails
> look inside
> The phone must be in File Transfer (MTP) mode and authorized for WPD (Windows Portable Device) to work
Guess who should have read the documentation before doing a bunch of work? (I'll give you a hint, it's me)
vx-underground
I can't even tell you how many times I've explored a malware concept to just:
1. Realize I should have read the documentation
2. Realize Google Project Zero already reversed it
3. Realize some schizo on UnknownCheats reversed it
4. Fail (successfully!)
Yeah, so pretty much, like, there is this really sketchy company in Israel named "Paragon". Paragon sells a "product" called GRAPHITE.
Let me explain the background and why this is very silly.
GRAPHITE is spyware which allows "customers" to remotely access people's cell phones and monitor their instant messaging applications such as WhatsApp.
It is spyware. It is sometimes called Mercenary Spyware because it is primarily used by governments to spy on political enemies, journalists, and activists.
Very little is known about Paragon, GRAPHITE, and their "customers". However, it was publicly noted by the Trump administration in January 2025 to be purchased by the United States government and to be used to aid ICE.
Furthermore, in September 2025 the Trump administration noted the usage of Graphite to aid the United States against "domestic terrorist organizations" such as "ANTIFA".
ICE acting director Todd Lyons noted using GRAPHITE to monitor anti-ICE protestors to track "ringleaders and professional agitators".
Citizen Lab and other civil rights organizations have documented the usage of GRAPHITE against individuals in Australia, Canada, Cyprus, Denmark, Israel, Singapore and (unsurprisingly) the United States. It is believed the Canadian government actively uses GRAPHITE in Ontario.
Okay, so why does all of this matter? Yeah, it's super fucked up. But today representatives from Paragon accidentally leaked GRAPHITE screenshots ... ON LINKEDIN. Dawg, that image in the background IS GOVERNMENT FUCKING SPYWARE
It shows phone numbers in Czechia, apps, accounts, media on the phone, "interception status", and phone numbers extracted. THEY LEAKED IT BY ACCIDENT ON LINKEDIN WHILE TAKING SELFIES
If you want to read more about Paragon, GRAPHITE, and governments (illegally) using Mercenary Spyware, read this paper:
https://citizenlab.ca/research/a-first-look-at-paragons-proliferating-spyware-operations/
The Citizen Lab
Virtue or Vice? A First Look at Paragon's Proliferating Spyware Operations - The Citizen Lab
In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferation of Paragon's mercenary spyware operations across the globe. This report includes an infrastructure analysis…
Oh, I'm also really, really, really, sorry to DrWhax. This is his photo he took from LinkedIn and he was the first to note it. I got lost in the sauce and forgot to tag him and give him credit.
I'm sorry, DrWhax. That is 100% my bad. When I saw your post I lost my mind.
I was sitting here and I was like, "I wonder if those nerds have decoded more Epstein attachments".
Today mqudsi decoded legal documents sent between Epstein and his legal representative Alan Dershowitz.
He even got the original metadata back (time, date, computer)
Dawg, these computer forensic nerds do NOT fuck around. They're decoding decades old documents from fucked up e-mail scans so accurately they're getting the original metadata
I've been witnessing a trend where non-nerds, or schizo nerds, seem to be under the impression virtually everything is AI generated.
My comment section has been littered with non-core audience people asserting:
- News articles are AI generated (fake in totality, never happened)
- My profile is AI generated (???)
- Images shared are AI generated (memes, video edits, etc). They're edits, but not AI
AI has destroyed the normal person's mind and they appear incapable of differentiating AI from reality.
It is absolutely fascinating. It's like we're watching a science experiment in real time.
Oh, and since the Epstein files apparently EVERYTHING is a government psyop. Literally fucking everything. It's like someone dropped a schizo bomb on the internet and now everyone has lost their mind
It's cool and badass
i really like malware
Xitter removed the light blue color scheme. The only options are 'dark' theme and 'light' theme.
Both look like shit.
This entire site is going to hell in a hand basket. This has ruined my day, possibly my entire life, I don't know yet.
Someone get that fucking Nickle guy on the horn, whatever the fuck his name is, and tell him to revert these changes.
Oh, you can change the fucking themes but you can't stop the Chinese state-sponsored propaganda or the 200 OnlyFans spam messages I get a day?
Mildly interesting
In NTDLL there is RtlCheckSandboxedToken.
RtlCheckSandboxedToken is a wrapper for NtQueryInformationToken with the TokenIsAppContainer flag from the TOKEN_INFORMATION_CLASS enum.
Returning non-zero means the application is sandboxed, in an app container, or running as a protected process.
> be sinobi ransomware group
> have ransomware "blog"
> use to extort companies
> list halcyon.ai
> "WE RANSOMED THE ANTI RANSOMWARE COMPANY"
> look inside
> not halcyon.ai
> ransomed halcyontek
> mfw they dont know who theyre extorting
dawg, if you're going to be an internationally wanted cybercrime organization involved in extortion, money laundering, aggravated identity theft, CFAA violations, etc. AT LEAST extort the right people
how you gonna extort someone you have no data for???