Hello,
If you're a tiny person living inside my computer, and also by chance like malware, I have added more malware to malware city.
Approx. 250,000 malwares have been added. I also added some more malware analysis stuff. More stuff is coming.
https://vx-underground.org/Updates
If you're a tiny person living inside my computer, and also by chance like malware, I have added more malware to malware city.
Approx. 250,000 malwares have been added. I also added some more malware analysis stuff. More stuff is coming.
https://vx-underground.org/Updates
β€79π€―13β€βπ₯9π6π₯°3π1
I have some cool malware proof of concepts I'm working on. They're pretty cool and kind of undocumented.
My problem is I have carpal tunnel and (playful) amounts of nerve damage.
I need someone to lend me their hands. Give me your hands.
My problem is I have carpal tunnel and (playful) amounts of nerve damage.
I need someone to lend me their hands. Give me your hands.
π87π€30β€11π«‘11π6π3π₯°1
I've updated my personal website malwaresourcecode.com.
I've added new ways to do the following:
- CaplockString
- CopyMemory
- StringCompare
- StringConcat
- StringLength
- ZeroMemory
You're probably thinking, "why do i give a fuck about this? this all standard crt stuff". The answer is: "idk lol". I like exploring different ways to do things. It is interesting to me.
I'm currently working on a way to download files from a remote host using NdrClientCall3 (RPCs with IBackgroundCopyJob) and ended up falling down a weird rabbit hole.
Maybe you'll find it mildly interesting, maybe you're rolling your eyes because it is kind of goofy to find seven different ways to zero fill a buffer.
But is it goofy I have 18 different ways to hash a string? Yes, it is still goofy, but I admire it for some reason.
Cheers,
I've added new ways to do the following:
- CaplockString
- CopyMemory
- StringCompare
- StringConcat
- StringLength
- ZeroMemory
You're probably thinking, "why do i give a fuck about this? this all standard crt stuff". The answer is: "idk lol". I like exploring different ways to do things. It is interesting to me.
I'm currently working on a way to download files from a remote host using NdrClientCall3 (RPCs with IBackgroundCopyJob) and ended up falling down a weird rabbit hole.
Maybe you'll find it mildly interesting, maybe you're rolling your eyes because it is kind of goofy to find seven different ways to zero fill a buffer.
But is it goofy I have 18 different ways to hash a string? Yes, it is still goofy, but I admire it for some reason.
Cheers,
π₯°58β€23β€βπ₯11π€£7π₯5π’1
That guy who made OpenClaw is now working at OpenAI.
What does this mean? Probably nothing.
What does it mean if you're an AI hype bro? This. Changes. Everything. Subscribe to my newsletter
What does this mean? Probably nothing.
What does it mean if you're an AI hype bro? This. Changes. Everything. Subscribe to my newsletter
π€£162π18π₯7β€4β€βπ₯3π₯°2π1
Being an AI hype bro and a crypto bro at the same time is like mixing Fentanyl with Xanax
Both will ruin your life and probably kill you
Both will ruin your life and probably kill you
β€106π52π―17π₯°4π3β€βπ₯2
Sometimes I think about the time some people from this group called QAnon accused me and ThugCrowd of being a Biden psyop to put people in "FEMA concentration camps".
It's been years and I'm still confused by it.
It's been years and I'm still confused by it.
β€βπ₯41π€£32π€5π₯°4β€3π1
This media is not supported in your browser
VIEW IN TELEGRAM
Yes, this is why RAM prices are expensive
Yes, I am part of the problem
No, I don't care. If the normies can make dumb AI dance slop I can consume silly kitty cat AI slop.
Yes, I am part of the problem
No, I don't care. If the normies can make dumb AI dance slop I can consume silly kitty cat AI slop.
π₯°114π’39β€14π5π―5π1
Individuals at Google, META, Discord, and Reddit have anonymously shared information with the New York Times regarding the United States Department of Homeland Security issuing subpoenas on individuals who track and criticize ICE.
The United States government is wanting information in individuals such as private messages, phone numbers, e-mails, etc.
The New York Times confirmed the validity of the subpoenas after receiving several copies which the tech companies received.
If the tech companies decide to comply with the subpoena, the individuals are alerted and have 14 days to fight the United States government in court.
The United States Department of Homeland security did not immediately respond to all questions from the New York Times. However, they assert they have "broad administrative subpoena authority" and the subpoenas are designed to ensure ICE agents remain safe in the field.
The United States government is wanting information in individuals such as private messages, phone numbers, e-mails, etc.
The New York Times confirmed the validity of the subpoenas after receiving several copies which the tech companies received.
If the tech companies decide to comply with the subpoena, the individuals are alerted and have 14 days to fight the United States government in court.
The United States Department of Homeland security did not immediately respond to all questions from the New York Times. However, they assert they have "broad administrative subpoena authority" and the subpoenas are designed to ensure ICE agents remain safe in the field.
π’63π€£28β€βπ₯12β€7π₯°3π1
vx-underground
Individuals at Google, META, Discord, and Reddit have anonymously shared information with the New York Times regarding the United States Department of Homeland Security issuing subpoenas on individuals who track and criticize ICE. The United States governmentβ¦
I did not link directly to the article because it is paywalled (as is tradition). If you're a person who bypasses paywalls, or have a subscription to the New York Times, can you read about it here:
https://www.nytimes.com/2026/02/13/technology/dhs-anti-ice-social-media.html
https://www.nytimes.com/2026/02/13/technology/dhs-anti-ice-social-media.html
NY Times
Homeland Security Wants Social Media Sites to Expose Anti-ICE Accounts
The department has sent Google, Meta and other companies hundreds of subpoenas for information on accounts that track or comment on Immigration and Customs Enforcement, officials and tech workers said.
π32π₯°9β€4π’3π₯2
Last time on Dragon Ball Z: Paragon employees accidentally unveiled the GRAPHITE spyware panel to the world when taking selfies for LinkedIn.
GRAPHITE is spyware sold to governments to perform espionage on targets.
Paragon has officially commented on the matter by stating the OPSEC mistake was a "tiny price to pay, in relation to the contribution of female empowerment".
Paragon, what the fuck are you talking about???
GRAPHITE is spyware sold to governments to perform espionage on targets.
Paragon has officially commented on the matter by stating the OPSEC mistake was a "tiny price to pay, in relation to the contribution of female empowerment".
Paragon, what the fuck are you talking about???
π€£177β€14π₯°5π2π’2
vx-underground
Last time on Dragon Ball Z: Paragon employees accidentally unveiled the GRAPHITE spyware panel to the world when taking selfies for LinkedIn. GRAPHITE is spyware sold to governments to perform espionage on targets. Paragon has officially commented on theβ¦
Dawg, you're selling fucking spyware to governments to spy on people who criticize the government or oppose them. What the fuck does female empowerment have to do with this? What the fuck kind of virtue signaling misdirection bullshit is this
β€93π€£68π―28π₯°5π1π€©1
The Windows COM (Component Object Model) at first glance seems like a nightmare, primarily because it's so poorly documented, but once you get the hang of it, it makes complete sense.
Once you get the hang of it you see all the possibilities for malware or evasion. It's a rich environment with tons of super cool and unexplored concepts. You feel like an archeologist exploring the decaying insides of the Windows Operating System.
Another problem, in my opinion, is Windows does such a piss poor job explaining how it works. They provide these massive fuck off documents, but most of it is noise and will rarely apply to what you're actually wanting or needing.
Overall I give the Windows COM three (3) cat pictures because it's such a cool technology. However, I will subtract three (3) cat pictures because newer components of Windows irritate me.
Once you get the hang of it you see all the possibilities for malware or evasion. It's a rich environment with tons of super cool and unexplored concepts. You feel like an archeologist exploring the decaying insides of the Windows Operating System.
Another problem, in my opinion, is Windows does such a piss poor job explaining how it works. They provide these massive fuck off documents, but most of it is noise and will rarely apply to what you're actually wanting or needing.
Overall I give the Windows COM three (3) cat pictures because it's such a cool technology. However, I will subtract three (3) cat pictures because newer components of Windows irritate me.
β€70π«‘10π7π€£7π’3π₯°1
> be me
> snuggling with baby boy
> best feeling in world
> happy to be a Dad
> fall asleep
> sort of wake up
> feel baby boy wiggling
> "haha hes getting comfy"
> feel pressure on my eyes
> wtf
> move head a little
> feel pressure on eyes
> wake up
> open eyes
> baby boy staring straight into my soul
> hes breathing heavy
> trying to shove his little fingers in my eye sockets
> wtf.exe
> "what are you doing???"
> he laughs
> puts his fingers up my nose
> move head
> he laughs
> he leans in
> bites my face
> ????
> snuggling with baby boy
> best feeling in world
> happy to be a Dad
> fall asleep
> sort of wake up
> feel baby boy wiggling
> "haha hes getting comfy"
> feel pressure on my eyes
> wtf
> move head a little
> feel pressure on eyes
> wake up
> open eyes
> baby boy staring straight into my soul
> hes breathing heavy
> trying to shove his little fingers in my eye sockets
> wtf.exe
> "what are you doing???"
> he laughs
> puts his fingers up my nose
> move head
> he laughs
> he leans in
> bites my face
> ????
β€152π35π€£32π₯°10β€βπ₯3π’2π―1
I read about OpenClaw.
I still don't understand the purpose. Can someone seriously explain to me the purpose of this AI assistant? I reviewed the different "skills" it offers and it makes literally zero sense.
This can be used to automate ... messages to other people? Like on Slack, or Discord, or Telegram? Check the weather? Do stuff with Stripe? I don't understand the purpose.
Why would I need something to automatically deal with instant messaging clients? Am I missing something? Even if you don't NEED it, why would you WANT it?
I DON'T UNDERSTAND
I still don't understand the purpose. Can someone seriously explain to me the purpose of this AI assistant? I reviewed the different "skills" it offers and it makes literally zero sense.
This can be used to automate ... messages to other people? Like on Slack, or Discord, or Telegram? Check the weather? Do stuff with Stripe? I don't understand the purpose.
Why would I need something to automatically deal with instant messaging clients? Am I missing something? Even if you don't NEED it, why would you WANT it?
I DON'T UNDERSTAND
π84π―48π€£8β€4π€3π2π€2π1π₯°1
vx-underground
I read about OpenClaw. I still don't understand the purpose. Can someone seriously explain to me the purpose of this AI assistant? I reviewed the different "skills" it offers and it makes literally zero sense. This can be used to automate ... messages toβ¦
I'm not being rhetorical and I'm not trying to be critical. I see so many people discussing it and hyping it up. I've skimmed the documentation, reviewed some of the skills, but ... it JUST DOESN'T MAKE SENSE TO ME
I'm sitting here like, "why do I need an AI agent to respond to people on Discord or Slack or Telegram for me? What if it makes a mistake? What if someone abuses it?"
I don't understand the purpose and I don't place arbitrary trust into AI stuff. I'm not even being a hater, I can't wrap my head around this thing conceptually.
I'm sitting here like, "why do I need an AI agent to respond to people on Discord or Slack or Telegram for me? What if it makes a mistake? What if someone abuses it?"
I don't understand the purpose and I don't place arbitrary trust into AI stuff. I'm not even being a hater, I can't wrap my head around this thing conceptually.
π―97π€13π8β€6π«‘6π₯°4π3π₯2π1
Mark Zuckerberg a/k/a shape shifting lizard man, has patented spooky internet ghost technology. Amazing.
By training off your data, AI can emulate your existence on social media after you've died.
Ever miss Grandmas schizo racist posts? Your heroin addict cousin getting into arguments with family members because he owes them money? Want to be constantly reminded of your friend tragic death?
With Meta spooky internet ghost technology this is possible! Yay!
By training off your data, AI can emulate your existence on social media after you've died.
Ever miss Grandmas schizo racist posts? Your heroin addict cousin getting into arguments with family members because he owes them money? Want to be constantly reminded of your friend tragic death?
With Meta spooky internet ghost technology this is possible! Yay!
π₯°81π€£56β€10π6β€βπ₯5π₯5π±5π3π’2
If Palantir was actually compromised DarkWebInformer or S0ufi4n3 would be shouting from the roof tops. They'd tell everyone.
They'd dig up the corpse of Queen Elizabeth II and scream in the skeletons face Palantir has been compromised.
They'd dig up the corpse of Queen Elizabeth II and scream in the skeletons face Palantir has been compromised.
π€£63π16β€6π₯°2π±1π’1
Okay, so Kim Dotcom made a post online saying he has information about Palantir being compromised.
I am extremely skeptical of these claims.
My initial post escaped my core audience (as is tradition) so I am going to be a little more verbose and explain stuff.
Compromising a large institution such as Palantir is not something some random guy down the street can do. Palantir is large and has many moving parts. In other words, Palantir does not store all of it's information on one computer and in a crusty old hard drive somewhere.
Palantir (presumably) has data segregated meaning not all data is one place. Different types of data is going to be stored in different locations (in the cloud, or physically on-premise). Hence, a compromise of Palantir which would unveil ALL DATA would require two things:
- Extreme skill
- Extreme patience
This sort of compromise is not something that happens in a day. This sort of compromise is something which would take weeks, months, or maybe even years depending on the objective. Historically, when large compromises toward large institutions occur it is almost exclusively performed by state-sponsored Threat Groups (hackers funded by governments), or in some more rare scenarios, financially motivated Threat Actors (ransomware, extortionists).
If Palantir was compromised, it would be EXTREMELY unusual for a state-sponsored group or financially motivated group to make it exclusive to one individual person. Rarely do state-sponsored Threat Groups notify influencers, or journalists, ... or anyone really of their objectives. They're funded by governments. Governments do not care about clout. IF a state-sponsored group does notify someone, they typically do mass e-mails to journalists (for misinformation, disinformation, or fearmongering, some sort of strategic objective, they don't do it to look cool).
If it was performed by a financially motivated Threat Group they will almost immediately discuss it online in their domain of choice. For example, many Threat Actors who compromise places may sell access on forums such as Exploit, TierOne, or Breached (or whatever is adjacent to Breached). Alternatively, ransomware groups post about it on their personal website to try to extort or intimidate victims. However, no discussion of Palantir has appeared in any of these places.
Okay... so no signs from financially motivated Threat Actors... and it would be really unusual for a state-sponsored Threat Actor to make it exclusive to one person... is there anything else weird about this? Yes.
If Palantir was compromised it would be unusual for ANY group of Threat Actors to notify anyone immediately after a compromise. By notifying Kim Dotcom, or whoever, they're sounding the metaphorical alarm. Palantir is going to immediately order a DFIR (Digital Forensics and Incident Response) and begin an internal audit. Things are going to be locked down. If someone compromised Palantir why would they burn access so quickly? Why would they notify someone so quickly? They're leaving an audit trail.
There is a lot of speculation, little evidence, and things not really making a whole lot of sense.
Is it possible Kim Dotcom is telling the truth? Yes.
Is it likely? No.
Is it possible Kim Dotcom THINKS it's real, but it's NOT real? Yes, that is more likely to be true. It would not surprise me if he is (intentionally, or unintentionally) participating in a misinformation campaign.
Pic unrelated
I am extremely skeptical of these claims.
My initial post escaped my core audience (as is tradition) so I am going to be a little more verbose and explain stuff.
Compromising a large institution such as Palantir is not something some random guy down the street can do. Palantir is large and has many moving parts. In other words, Palantir does not store all of it's information on one computer and in a crusty old hard drive somewhere.
Palantir (presumably) has data segregated meaning not all data is one place. Different types of data is going to be stored in different locations (in the cloud, or physically on-premise). Hence, a compromise of Palantir which would unveil ALL DATA would require two things:
- Extreme skill
- Extreme patience
This sort of compromise is not something that happens in a day. This sort of compromise is something which would take weeks, months, or maybe even years depending on the objective. Historically, when large compromises toward large institutions occur it is almost exclusively performed by state-sponsored Threat Groups (hackers funded by governments), or in some more rare scenarios, financially motivated Threat Actors (ransomware, extortionists).
If Palantir was compromised, it would be EXTREMELY unusual for a state-sponsored group or financially motivated group to make it exclusive to one individual person. Rarely do state-sponsored Threat Groups notify influencers, or journalists, ... or anyone really of their objectives. They're funded by governments. Governments do not care about clout. IF a state-sponsored group does notify someone, they typically do mass e-mails to journalists (for misinformation, disinformation, or fearmongering, some sort of strategic objective, they don't do it to look cool).
If it was performed by a financially motivated Threat Group they will almost immediately discuss it online in their domain of choice. For example, many Threat Actors who compromise places may sell access on forums such as Exploit, TierOne, or Breached (or whatever is adjacent to Breached). Alternatively, ransomware groups post about it on their personal website to try to extort or intimidate victims. However, no discussion of Palantir has appeared in any of these places.
Okay... so no signs from financially motivated Threat Actors... and it would be really unusual for a state-sponsored Threat Actor to make it exclusive to one person... is there anything else weird about this? Yes.
If Palantir was compromised it would be unusual for ANY group of Threat Actors to notify anyone immediately after a compromise. By notifying Kim Dotcom, or whoever, they're sounding the metaphorical alarm. Palantir is going to immediately order a DFIR (Digital Forensics and Incident Response) and begin an internal audit. Things are going to be locked down. If someone compromised Palantir why would they burn access so quickly? Why would they notify someone so quickly? They're leaving an audit trail.
There is a lot of speculation, little evidence, and things not really making a whole lot of sense.
Is it possible Kim Dotcom is telling the truth? Yes.
Is it likely? No.
Is it possible Kim Dotcom THINKS it's real, but it's NOT real? Yes, that is more likely to be true. It would not surprise me if he is (intentionally, or unintentionally) participating in a misinformation campaign.
Pic unrelated
π62π₯°9π€8β€5π―4π₯1
vx-underground
Okay, so Kim Dotcom made a post online saying he has information about Palantir being compromised. I am extremely skeptical of these claims. My initial post escaped my core audience (as is tradition) so I am going to be a little more verbose and explainβ¦
tl;dr big if true
π₯°48π16π«‘6π2β€1