vx-underground
Image 1. Website with uBlock Origin on Image 2. Website with uBlock Origin off uBlock Origin IS PREVENTING US FROM FREE MALWARE
I'm torn mentally, physically, and maybe a little bit sexually.
I hate advertisements. On the other hands, I like malware. I don't know what to do. I am forsaken.
I hate advertisements. On the other hands, I like malware. I don't know what to do. I am forsaken.
β€73π€£22π5π€4π’4π₯°3π―2π1
vx-underground
> be me > "smelly is this malware?" > download file > file.exe > click to rename file > accidentally hit enter > detonate malware on personal pc chat, ive accidentally detonated an information stealer on my pc. brb
shout out to salat stealer for having my banking information right now
π99π€£34β€9π6π₯°5π3β€βπ₯1
vx-underground
> be me > "smelly is this malware?" > download file > file.exe > click to rename file > accidentally hit enter > detonate malware on personal pc chat, ive accidentally detonated an information stealer on my pc. brb
What do I do in this scenario?
1. Disconnect from internet
2. Sigh, take a huge rip off my vape
3. Blame the keyboard, not me.
4. Remove the .exe, any persistence mechanism on my machine
5. Angrily reset all my passwords
6. Refuse to use a VM in the future, I'm not a coward
1. Disconnect from internet
2. Sigh, take a huge rip off my vape
3. Blame the keyboard, not me.
4. Remove the .exe, any persistence mechanism on my machine
5. Angrily reset all my passwords
6. Refuse to use a VM in the future, I'm not a coward
π€£173π19β€14π₯°9π―6π3π3β€βπ₯2π1π’1
I guess the only thing more embarrassing than accidentally detonating an information stealer payload on your computer, while trying to remove the .exe file extension, is reviewing the payload closer and seeing it comes with cartoon pornography (I've censored it) and an image of a random woman
π€£164π’12π€10β€7π€―7π₯4π₯°3π±2π2π1π1
vx-underground
"Why are you reverse engineering malware on your main PC? Why don't you use a VM? If you used a VM you wouldn't have infected yourself"
Okay, the silly shenanigans are over. I've repaired the damage done to my box. Overall this was a very whimsical Saturday.
For people new to this account:
Do I really not use a VM when doing malware analysis? Yes. I have a VM, but I don't know, I get lazy. I throw the malware in a random directory called like, "sgsdggggg" (I type random letters on the keyboard) and start poking it.
Is this the first time I've detonated malware on my computer? No. I've detonated ransomware (REvil), some suspected state-sponsored malware from the Russian government (APT28), a crypto-miner, and now this.
I also once messed up an rsync command and synced my tax documents to the staff at DEFCON. They expected malware, instead they got my birth certificate, my tax returns, and some other various documents.
Do I panic? No, I deal with malware every single day. I collect malware, reverse engineer malware, write malware, etc. It is more annoying than actually concerning. The only time I was genuinely concerned was when I detonated REvil because I usually don't make backups (I'm not a coward).
Basically, I'm a jackass who has gotten way too comfortable with malware and you should not do what I do.
For people new to this account:
Do I really not use a VM when doing malware analysis? Yes. I have a VM, but I don't know, I get lazy. I throw the malware in a random directory called like, "sgsdggggg" (I type random letters on the keyboard) and start poking it.
Is this the first time I've detonated malware on my computer? No. I've detonated ransomware (REvil), some suspected state-sponsored malware from the Russian government (APT28), a crypto-miner, and now this.
I also once messed up an rsync command and synced my tax documents to the staff at DEFCON. They expected malware, instead they got my birth certificate, my tax returns, and some other various documents.
Do I panic? No, I deal with malware every single day. I collect malware, reverse engineer malware, write malware, etc. It is more annoying than actually concerning. The only time I was genuinely concerned was when I detonated REvil because I usually don't make backups (I'm not a coward).
Basically, I'm a jackass who has gotten way too comfortable with malware and you should not do what I do.
π€£167β€25π€12π―8β€βπ₯3π2π€2π1π’1π1
I get so many DMs, emails, and comments on social media of people calling me a cat
It's some sort of deep state psyop by silly cat picture to make me a furry
It's not going to work. Stop calling me a cat and stop asking me to meow you goobers
It's some sort of deep state psyop by silly cat picture to make me a furry
It's not going to work. Stop calling me a cat and stop asking me to meow you goobers
π₯°116π25π7β€6π―6π₯1π’1π€£1
This media is not supported in your browser
VIEW IN TELEGRAM
β€106π₯°28π€£14π’7π3
vx-underground
Video
I know you expected a post about malware, or something, but I've been battling demons (trying to get a baby to sleep) and I've got nothing.
I did however find this video to be cute and silly, so I decided to share it
I did however find this video to be cute and silly, so I decided to share it
β€87π₯°25π12π5π€£5π4π€2π’1
The best thing about being a Dad is that now I can dress like Dad
I just purchased several pairs of cargo shorts and button up shirts I intend on tucking in.
I just purchased several pairs of cargo shorts and button up shirts I intend on tucking in.
β€122π41π8π€£6β€βπ₯4π₯°4π4π₯3π’3π2π«‘1
GTV VI leaks reportedly show the pricing for the game at $25,999
Gamers can take out a loan from Rockstar Games official banking app, or get a 2% discount if they pay in full at checkout
They have options available if you have no credit or poor credit
Gamers can take out a loan from Rockstar Games official banking app, or get a 2% discount if they pay in full at checkout
They have options available if you have no credit or poor credit
π160π€£63β€19π₯9π€4π±3π2π₯°2π€©2π’1
Randomly remembered when one of the developers of the IcedId botnet successfully bribed Ukrainian police to forge his death certificate to avoid being arrested
That is so unbelievably cool and badass.
That is so unbelievably cool and badass.
π122π€£46π―14π₯6π₯°6β€4π2β€βπ₯1
Two members of the infamous Scattered Spider group (a sub-group of ALPHV ransomware group) have plead guilty to the attack on TfL (Transport for London).
Thalha Jubair, 20 (image 1) and Owen Flowers, 18 (image 2).
Flowers was initially released from custody on strict conditions, which the courts note he violated on two occasions in March, 2025 and May, 2025.
According to the National Crime Agency, Mr. Jubair and Mr. Flowers initially intended to take their cases to a trial in Woolwich Crown Court. However, both individuals later switched to a guilty plea.
Both individuals are scheduled for sentencing July 16th, 2026.
While both fall under the United Kingdom's Computer Misuse Act, and is capable of delivering life in prison for both individuals, due to their young age and guilty plea, Mr. Jubair and Mr. Flowers are likely facing 10 years in prison.
Images via United Kingdom National Crime Agency, see subsequent post for more information and case details.
Thalha Jubair, 20 (image 1) and Owen Flowers, 18 (image 2).
Flowers was initially released from custody on strict conditions, which the courts note he violated on two occasions in March, 2025 and May, 2025.
According to the National Crime Agency, Mr. Jubair and Mr. Flowers initially intended to take their cases to a trial in Woolwich Crown Court. However, both individuals later switched to a guilty plea.
Both individuals are scheduled for sentencing July 16th, 2026.
While both fall under the United Kingdom's Computer Misuse Act, and is capable of delivering life in prison for both individuals, due to their young age and guilty plea, Mr. Jubair and Mr. Flowers are likely facing 10 years in prison.
Images via United Kingdom National Crime Agency, see subsequent post for more information and case details.
π€£84π12β€8π€7π±5π’4
vx-underground
Two members of the infamous Scattered Spider group (a sub-group of ALPHV ransomware group) have plead guilty to the attack on TfL (Transport for London). Thalha Jubair, 20 (image 1) and Owen Flowers, 18 (image 2). Flowers was initially released from custodyβ¦
More information: https://www.nationalcrimeagency.gov.uk/news/cyber-criminals-who-hacked-into-transport-for-londons-computer-network-are-convicted
www.nationalcrimeagency.gov.uk
Cyber criminals who hacked into Transport for London's computer network are convicted
Two young men have admitted mounting a cyber attack on Transport for London (TfL), which cost tens of millions of pounds...
β€11π’3
Hello
1. If you're reading this, that means you live inside my computer. Please leave my computer. You are stinking the place up.
2. I am syncing 150,000+ malwares to the internet. Please download the malware.
3. I now possess 14TB (7z ultra compressed) of malware
1. If you're reading this, that means you live inside my computer. Please leave my computer. You are stinking the place up.
2. I am syncing 150,000+ malwares to the internet. Please download the malware.
3. I now possess 14TB (7z ultra compressed) of malware
π₯129β€31π±12π€£11π7π’6π«‘5β€βπ₯2π₯°1
A person operating under the moniker "mizanthropiaz" compromised the Brazilian governments Emergency Alert System in Sao Paulo, Rio, and Brasilia. The Threat Actor sent a notification to hundreds of thousands of people which read "misanthropi4".
More details have emerged regarding the compromise, and truthfully, it is terrifying. The Brazilian government is extremely secure and it is quite remarkable any living person could have gotten past their enhanced security measures.
"mizanthropiaz" found a username and password login to the Brazilian governments Emergency Alert System. The username and password was present because an employee working there accidentally infected themselves with malware in 2016.
The employee there did not change the password in over 10 years.
But, after the employee accidentally infected their computer with malware, did they change their password? No.
But, did the Brazilian government do IP address blacklisting which would prevent unauthorized devices from accessing the Emergency Alert System? No.
But, did the Brazilian government require a VPN connection to authenticate to the Emergency Alert System because it's a government network? No.
But, did the Brazilian government require MFA (e-mail, text, or Authenticator Code)? No.
But, did the Brazilian government send notifications on new devices connecting? No.
But, did the Brazilian government issue alerts on password changes or password change requests? No.
But, did the Brazilian government require e-mail verification prior to changing or resetting passwords? No.
But, did the Brazilian government have rate-limiting to prevent brute-force attacks? No.
But, did the Brazilian government introduce a CAPTCHA to prevent brute-force attacks? Yes, but it was 2+2 and it never changed. It always asked "2+2="
But, did the Brazilian government require password complexity to make brute-forcing difficult? No, the password to the Brazilian government employee was the same as their username.
More details have emerged regarding the compromise, and truthfully, it is terrifying. The Brazilian government is extremely secure and it is quite remarkable any living person could have gotten past their enhanced security measures.
"mizanthropiaz" found a username and password login to the Brazilian governments Emergency Alert System. The username and password was present because an employee working there accidentally infected themselves with malware in 2016.
The employee there did not change the password in over 10 years.
But, after the employee accidentally infected their computer with malware, did they change their password? No.
But, did the Brazilian government do IP address blacklisting which would prevent unauthorized devices from accessing the Emergency Alert System? No.
But, did the Brazilian government require a VPN connection to authenticate to the Emergency Alert System because it's a government network? No.
But, did the Brazilian government require MFA (e-mail, text, or Authenticator Code)? No.
But, did the Brazilian government send notifications on new devices connecting? No.
But, did the Brazilian government issue alerts on password changes or password change requests? No.
But, did the Brazilian government require e-mail verification prior to changing or resetting passwords? No.
But, did the Brazilian government have rate-limiting to prevent brute-force attacks? No.
But, did the Brazilian government introduce a CAPTCHA to prevent brute-force attacks? Yes, but it was 2+2 and it never changed. It always asked "2+2="
But, did the Brazilian government require password complexity to make brute-forcing difficult? No, the password to the Brazilian government employee was the same as their username.
π143π€£58β€26π₯°16π6π4β€βπ₯2π₯2π1π€1
This media is not supported in your browser
VIEW IN TELEGRAM
> be spaceX employee
> be rustled
> say spaceX sucks
> go on dread
> advertise being an insider threat
> verified by dread as being legit spaceX employee
> offer access to ransomware groups
> everyone see it
> everyone on telegram talking about it
> be rustled
> say spaceX sucks
> go on dread
> advertise being an insider threat
> verified by dread as being legit spaceX employee
> offer access to ransomware groups
> everyone see it
> everyone on telegram talking about it
π₯100π±20β€11π₯°11π9β€βπ₯4π€£3π€―2π’2π―2