vx-underground
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
CPU-Z and HWMonitor nerd (d0cTB) put out a statement.

Compromise was present for approx. 6 hours. This is an extremely short period of time.

Also, extremely fast response by the nerds at cpuid.
I woke up this morning curious as to what my peers had discovered about this cpuid shenanigans. I was not disappointed.

Several of my peers ripped this thing apart much more thoroughly than I did. I am immensely impressed by how neurotic some of you are when bonking malware with sticks (N3mes1s).

To make a long story short, the cpuid-dot-com compromise, CPU-Z malware, and HWMonitor malware campaign was performed using "STX Rat". STX Rat is a new malware family discovered around early March, 2026, and has been gaining some traction.

Interestingly, a really in-depth analysis of it was published April 8th, 2026 by eSentire (I'll link in subsequent post, research was performed by YungBinary). From my super quick bonking I was correct this cpuid malware campaign does indeed steal credentials. However, what I missed was that it also allows the Threat Actor remote desktop capabilities into your machine.

I also missed some of its unusual hashing capabilities, .db PowerShell persistence method, ... and some other really cool malware technologies it utilizes. This is NOT trash malware. The people who wrote this very clearly know what they're doing.

Very interesting stuff
Chat, I've changed my mind. We have some problems in the AI department.

It turns out someone compromised the Mexican government to an unbelievable extent using nothing but Claude and ChatGPT. I'll link the full paper in the subsequent post. However, here are the highlights of how an unknown Threat Actor "vibe hacked" the Mexico government.

Data stolen from...
1. SAT (Servicio de Administracion Tributaria) - Federal tax authority:
- 195 million taxpayer records
- 52 million directory records

2. Estado de Mexico - State government:
- 15.5M vehicle registry records
- 3.6M property owner records

3. Registro Civil de CDMX - Mexico City civil registry:
- 220M civil records

4. Jalisco state government:
- 50K patient records
- 17K domestic violence victim records
- 36K healthcare employee records
- 180K digital government records

5. INE (Instituto Nacional Electoral) - National electoral institute:
- 13.8K voter card records

6. Michoacan state government:
- 2.28M property records
- 2K user accounts with plaintext passwords

7. SADM Monterrey (Agua y Drenaje) Municipal water utility:
- 3.5K procurement and vendor records
- 5K procurement bid records
The United States economy is doing so bad financially motivated Threat Actors don't even want to steal from us Ameriburgers anymore. They're stealing from Mexicans now :(
Rockstar Games being extorted (again)

ShinyHunters were able to get data from Rockstar Games by compromising a third-party entity (Anodot) which allowed them to pivot to Snowflake which allowed them to pivot to Rockstar Games data.

What data they were able to get is unknown.
I don't care what those nerds at Kaspersky say, I stand by my opinion STX Rat is a solid B- malware.

Yeah, the cpuid-dot-com operation was a gigantic fumble, but the malware is pretty neat, far superior to the generic crimeware you find online.

I'm happy LTT included the cat
πŸ‘88πŸ”₯26😁18❀11🀣7πŸ₯°4
Read a tragic story today about a 17 year old girl in the United States who died from "excessive caffeine usage".

I felt bad for the parents. If I lost my son I don't think I would be able to cope with the loss of my baby boy.

The story went on to explain the young woman's parents are suing the energy group company (Alani) for not adequately explaining the dangers of caffeine.

I was curious... How much caffeine was she consuming? According to her official death report she died from 200mg of caffeine

200 MG OF CAFFEINE?!

Peace and love to the parents, but dawg 200mg of caffeine isn't fucking shit. That is amateur hour. That is well within the daily recommended limit of caffeine consumption.

I DARE her parents to go to any IT place (cybersecurity, networking, programming, etc) and fucking look around the room for 2 seconds. They would be FLABBERGASTED.

I myself personally consume 600mg - 800mg of caffeine a day.

I know this lady who does malware stuff who unironically drinks coffee ALL DAY LONG. Every other word out of her mouth is, "excuse me for a moment, I need to make another pot of coffee", and she's probably ingesting 1.6 GRAMS of caffeine.

One of my colleagues is an ex-military guy WHO DRINKS WORKOUT SUPPLEMENT because his caffeine tolerance is so high.

Don't even get me started on the nerds who take no-doz (caffeine pills).

Then combine all of this caffeine with the nerds drinking alcohol, or smoking cigarettes, or weed, or vape, or Adderall.

Her parents are trying to make a cash grab or something, I don't know bro.
I guarantee you half you stinky nerds reading this right now have consumed more than 200mg and it's only noon (in parts of the United States).

I'm sorry to her parents, I'd be devastated, but 200mg of caffeine is nothing
> be me
> mentioned by LTT
> large YouTube channel
> "oh that's cool, I'm on TV"
> show the clip where mentioned
> check comments

I don't want to assume anything, but I think this person dislikes LTT and now dislikes me for being shown on his recent video.
For the record, I'm not mad at this person or bothered by the comment.

The extreme hostility from what I believed to be a relatively benign clip made me audibly laugh.

Bro DOES NOT like LTT.
Look at this and tell me God exists