Someone just sent me this

You're all a bunch of god damn hooligans

Someone get Tim Apple on the phone and tell him to calm down. MacOS is premium real estate for malware right now.

How DARE THEY implement basic anti-malware techniques >:(

Also, I have a bunch of updates for vx-underground but I'm very eepy and lazy today. I'll sync it later.

Can someone tell TeamPCP to just give me the MsBuild .wav payloads? Everyone online is doing a whacky ass Easter Egg hunt looking for the shit.

Just give me the malware dawg, cmon. I got a baby boy, I don't got the time and energy anymore bro

> wake up
> check computer
> contacted by teampcp
> sends me msbuild and wav payload

its called science

I have been informed by the powers that be (my wife) that I cannot be on the computer today due to legal reasons (I have to run errands).

Please enjoy this poetry by Gary.

What the fuck is going on in Europe?

Who steals 12 TONS of KitKats? What do you even do with that many KitKats?

"I'd eat them".

False. That is impossible.

1 KitKat weights approx. 45g.

1lbs is approx. 450g.

Approx. 10 KitKats in a lbs.

12 tons is 24,000lbs.

That is roughly 240,000 KitKats

1 KitKat is approx. 230 calories.

That is approx. 55,200,000 calories.

The daily recommended calorie intake for an adult is 2,000 calories.

55,200,000 calories is 27,600 days of ideal calorie intake, or roughly 75 years.

March 20th: 15 TONS of gummy candy stolen from semi-trailer in Germany

March 29th: 12 TONS of KitKat bars stolen from Truck leaving Italy en-route to Poland

Who are you people?

Also, I'm not a European, so I don't understand the humor, but I see a bunch of people blaming Romanians. As an American I do not understand it, but apparently this is big humor for Europeans

Okay, before I make a silly post have some context. Rostelecom is the largest telecommunication company in Russia. If you're in the United States, Rostelecom is basically like their AT&T or Verizon. Anyway, Rostelecom has a Cyber Threat Intelligence division called "Solar Group".

Solar Group releases papers frequently on threats (specifically in the malware domain) targeting the Russian Federation.

I enjoy reading it because, as a person residing in the United States, my Threat Feed is usually threats facing people in the United States (or allies of the United States). Reading threats facing the Russian Federation I'm like, "oh no shit? yall too? lmfao das crazyyyy".

My absolute favorite though is reading papers from Chinese or Russian cybersecurity companies where they accuse the United States government of state-sponsored malware campaigns and the United States government is like, "pfffft? Me? No way, dawg. I'm A CHRISTIAN. You ARE THE BAD GUYS. We go to Church EVERY SUNDAY".

Then both the Russian Federation and Chinese government go like: ">:( u bitch"

But then they do the same thing to us, so it's whatever I guess. We're all doing silly shenanigans on the internet.

An example of the silly shenanigans is a Threat Actor who has compromised various law enforcement agencies in the Russian Federation. This Threat Actor is named "Eagle Werewolf" (what country uses the Eagle?).

Eagle Werewolf has been compromising law enforcement agencies in the Russian Federation, specifically exfiltrating data related to internal case files, active investigations, operational plans from law enforcement agencies, and any information on who the Russian Federation is actively investigating. Eagle Werewolf also appears to be attempting to map internal infrastructure and organization hierarchy (who is who in law enforcement, supervisors, general employees, etc).

That's weird. Why would this mysterious "Eagle Werewolf" want this information? Hmmmmm?

vrroooom eagle werewolf

It's funny stuff. When you reside in the United States (and presumably Europe) you always read about the Russian Federation or Chinese government performing cyber state-sponsored operations. It makes us look like a bitch who is getting bullied.

But then you cross the pond on the internet and take a look around and you're like, "hehe ya, we're doing it too actually, our cybersecurity companies just dont discuss it"

As a malware nerd, I am so unimaginably tired of hearing about Stuxnet.

At this point it's propaganda by the United States to showcase supposed American superiority.

I refuse to believe that is the only state-sponsored malware campaign people know about or reference

Back in '84, nerds were developing this stuff with documentation printed on paper back they received physically in the mail.

The crowd collectively shit their pants in awe that someone was capable of doing this.

I just shit my pants thinking about it

Someone unironically recommended I buy a children's book on cybersecurity to read to my son.

I will not subject my son to computer shenanigans. He must forge his own path. His happiness is more important than legacy.

Malware is illegal and for nerds

However, if he wants to malware, I will super charge his brain and inject everything I know about malware and computer shenanigans into his skull and hope he exceeds me in every way possible.

People living inside my computer,

I have updated the website which apparently most of you didn't know existed

I collect malware source code, samples, papers, and builders.

I've added more malware, I've stopped counting, but it's a big number

https://vx-underground.org/Updates

ShinyHunters is ransoming ... HALLMARK CARDS

Those fucking shitty birthday cards you pick up at the drug store ARE BEING HELD RANSOMWARE

WHO RANSOMS BIRTHDAY CARDS

(info via AlvieriD)

Dawg, I saw some stinky nerds discussing this recently identified malicious NPM package

This is, by a significant margin, some of the worst malicious code I've ever seen. I don't mean 'worst' as in dangerous, I mean this code is HOT garbage

https://socket.dev/npm/package/3-ways-how-to-get-free-gems-in-clash-of-clans834/files/1.0.2/package%20gene.py