Today the Israel government dropped flyers over the people of Lebanon.
The Lebanese government warned citizens to not scan the QR codes because they were concerned it could be a way for the Israel government to compromise people's phones.
I said, "WHAT THE FUCK. FREE MALWARE?" I IMMEDIATELY scanned it. I didn't even hesitate.
All it did was link me to some goofy WhatsApp thingy (I don't have WhatsApp) and it linked me to something called Unit504 on Facebook.
To be fair, it is 100% possible for the Israel government to have a WhatsApp exploit. I tested it from my computer and was disappointed.
Big shout out to my baby boy. He'll be one year old any day now.
He has unlocked a new skill.
It's opening the refrigerator and pulling things off the bottom shelf and throwing them all over the kitchen floor.
Thank you, unknown person on the internet, for e-mailing from a compromised Argentina military e-mail.
I'm sure the Argentina government loves having to perform an internal incident response to discover it has been used to send some random dude on the internet pictures of cats.
vx-underground
Whenever someone sends me an e-mail from a compromised government e-mail, and I acknowledge it, people get silly and begin sending me e-mails from other compromised government e-mails. Thank you, random person, for the e-mail from a compromised Brazilian…
Yes, I know these are from stealer logs (maybe. I don't know), but sometimes it makes me giggle.
Hello,
It is time again I sync updates to malware city, the website some of you visit, and some of you don't.
Upload notes will come soon.
In the meantime, enjoy this cool clip from the latest Nicki Minaj song
Her latest songs are a little angrier and less pop since she has leaned into being a conservative. Regardless, I think it fits her well. I think it's cool she experiments with different sounds and genres.
Hello,
I pushed the malware stuff to that malware website you sometimes visit.
It is Sunday so please spend it with the most important people in your life (your anime action figures)
https://vx-underground.org/Updates
> check tele
> "smelly i think someone sent me malware"
> "they sent me weird .zip"
> "be careful"
> wtf i love malware
> download file
> look inside
> .txt + alternate data stream file
> ads doesnt work with 7z
> ok lol
> look inside
> 7z x "dox[.]zip" -so > payload.vbs
> winhttp request to github
> github\minecraftstuff\discordemojis.txt
> download discordemojis.txt
> look inside
> heavily obfuscated .bat file
> bonk with stick
> powershell script
> ???
> checks for av stuff
> does steganography
> downloads from ibb.co
> look inside
> quasar rat
> hides in made fonts directory in roaming
most work ive seen put into a malware payload in awhile with 2 stages and stego, usually its FAKE_GAME_INSTALLER.JPEG.EXE
didnt even dawn on me this was CVE-2025-8088
- n-day
- multi-staged payload
- stego usage
- quasar???
wtf lol