vx-underground – Telegram
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
Namecheap is currently experiencing a rather significant DDoS attack.

This attack is not impacting their products. It is affecting their primary domain and customer support.
October 24th, 2022 an account on Doxbin operating under the alias "pedohunters" released a lengthy article on an individual operating under the alias "Rabid" a/k/a "Rabid7997".

February 8th, 2024 the identity of "Rabid" was confirmed - the United States Department of Justice arrested Richard Anthony Reyna Densmore of Kaleva, Michigan.

The United States Department of Justice unveiled details of this individual's sadism - he forced children to perform acts of self-harm on Discord for sexual gratification.

Due to the severity of his crimes he is currently facing life in prison.

More information: https://www.justice.gov/usao-wdmi/pr/2024_0208_R_Densmore_Indictment
February 9th, 2024 the United States Department of Justice announced the arrest of two individuals behind WarzoneRAT.

- Daniel Meli, 27, of Zabbar, Malta
- Prince Onyeoziri Odinakachi, 31, of Nigeria

They are being charged with conspiracy, obtaining authorized access to protected computers to obtain information, illegally selling an interception device, and illegally advertising an interception device.

They are facing up to 20 years in prison.

More information: https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales
We've updated the vx-underground Windows malware paper collection

- 2021-07-23 - Modifying MS Office security warnings
- 2024-02-06 - Exploiting a vulnerable Minifilter driver to create a process killer
- 2024-02-08 - Deep Dive Into Exploiting Windows Thread Pools
We've updated the vx-underground malware families collection

- AgentTesla
- Amadey
- Android.Chameleon
- Android.WyrmSpy
- AsyncRAT
- AveMaria
- DarkGateLoader
- GootLoader
- INCRansomware
- IPStorm
- LummaStealer
- Nanocore
- Pikabot
- RecordBreaker
- Remcos
- Stealc
CrowdStrike placed an ad in the Super Bowl.

We're not up to date with the current Threat Actor lore with them, but it appears as if one of the individuals in the commercial is the infamous Scattered Spider (the tall one with the curly blonde hair)
We are preparing for Valentine's day. We are now known as vx-uwu
Dudes ransomed a small family owned bakery 😭

Ransoming their way to $50 and a bag of freshly baked cookies
Forwarded from Ransomware News (VX)
Group: 8base
Approx. Time: 22:38 11/02/24
Title: LILI'S BROWNIES
We are deeply saddened to share that all of the Twitter bots and/or spam accounts sharing pseudo-pornography in their Twitter bio do NOT deliver malware :(

It just does a bunch of dumb redirects and eventually drops you off on some fake looking dating site
We've updated the vx-underground Windows malware paper collection

- 2023-12-21 - InsightEngineering - Advanced Windows Debugging
- 2024-01-06 - Token stealing with Syscalls only
- 2024-01-15 - Undocumented DISM properties
ALPHV ransomware group has taken credit for attacks on critical infrastructure in the United States and Spain

- 2023-12-18 - Lower Valley Energy, an electricity provider in the United States
- 2024-02-12 - Sercide, an electricity provider in Spain
We found NATO's Jira access portal online. It said you can request access via the form URL. We have requested access to NATO.
News outlets are now describing ransomware attacks by mattress size
NATO has shut down access request forms for their Jira board.
ALPHV has lost their god damn mind
NATO Jira creds stolen from an Infostealer 😭😭