Russia-based Cyber Threat Intelligence firms do not list Lockbit or Babuk ransomware group as financially motivated or state-sponsored Threat Actors - they're tools. See attached image #3 for list of known ransomware groups 🤔🤔🤔🤔
🤔73😁9🥰5👍3❤2❤🔥2😱2
In the entire document Lockbit is noted 7 times, Conti is listed 4 times, ALPHV is never mentioned. There references to Lockbit are often looked over as a note, not really described in detail. They're seen as 'encryption programs'.
🤣45🤔25❤1
We are postponing vx-underground trivia night to March 15th, 2024. Helen got COVID19 😭
😢110🤣35❤15👍8🤓4🤝2😎2🥰1🤔1
Today it was announced Akira Toriyama, the creator of Dragon Ball, passed away. Today will act as an international day of mourning for all Dragon Ball nerds for all memories and memes Mr. Toriyama brought us.
More information: https://en.dragon-ball-official.com/news/01_2499.html
More information: https://en.dragon-ball-official.com/news/01_2499.html
DRAGON BALL OFFICIAL SITE
[Information ; Dear Friends and Partners] | DRAGON BALL OFFICIAL SITE
<div><div class="row js-setGallery rel-base c-gallery" baserel="531hdaqmpdg"> <d
😢179🫡88🤣8❤4🎉4🤓2👍1🔥1
Let's address the elephant in the room.
If a ransomware group resided in the United States, publicly swore allegiance to the United States and all allies of the United States, and only deployed ransomware to Russia — would Law Enforcement or Cyber Threat Intelligence care?
If a ransomware group resided in the United States, publicly swore allegiance to the United States and all allies of the United States, and only deployed ransomware to Russia — would Law Enforcement or Cyber Threat Intelligence care?
🤔158👍26😁21🫡9❤7🤯6👏3😍3🔥2🤣2😎1
vx-underground
Let's address the elephant in the room. If a ransomware group resided in the United States, publicly swore allegiance to the United States and all allies of the United States, and only deployed ransomware to Russia — would Law Enforcement or Cyber Threat…
Our opinion: probably not. However, they would 100% care about the money laundering and/or tax evasion. The United States IRS doesn't mess around. They WILL get their money one way or another.
❤78🤓31😁22🤣19👍13💯11🔥1👏1
Hello,
If you like vx-underground please consider donating. Every dollar helps us and allows us to do cool stuff like archive more malware, archive more stuff from pacer, and do giveaways.
Thank you. I love you.
Become a monthly donor here: https://donorbox.org/vxug-monthly
If you like vx-underground please consider donating. Every dollar helps us and allows us to do cool stuff like archive more malware, archive more stuff from pacer, and do giveaways.
Thank you. I love you.
Become a monthly donor here: https://donorbox.org/vxug-monthly
donorbox.org
Support VXUG Monthly | vx-underground (Powered by Donorbox)
Donating to vx-underground monthly is a way for us to continue to generate monthly income, pay for servers, technologies, etc. that we use to ensure individuals can continue to get access to information malware related for free without gatekeeping...
👍41❤26🤓8🥰4😎3🔥2🫡2😁1
"Can a .txt file be malicious?"
Short answer: No
Long answer: Anything is possible through the power of Windows HKEY_CLASSES_ROOT
Short answer: No
Long answer: Anything is possible through the power of Windows HKEY_CLASSES_ROOT
🔥129😁39🤓23👍16🤣13❤7❤🔥5
vx-underground
"Can a .txt file be malicious?" Short answer: No Long answer: Anything is possible through the power of Windows HKEY_CLASSES_ROOT
tl;dr modify shell open command (default) to malicious payload with subsequent invocation of text editor + parameters. The .txt file won't be malicious, but the thing responsible for opening them will be
¯\_(ツ)_/¯
¯\_(ツ)_/¯
🤓112❤16👍8🤣7❤🔥1
Hello, how are you?
Apologies for the delays. We've been knee deep in lame stuff — real-world responsibilities, or something. Anyway, we've got a bunch of nerd news to share, list of content additions, things we need to upload to the VXDB and more.
Full list of additions below...
Family Updates:
- AveMaria
- Azorult
- BlackwoodLoader
- CherryLoader
- Grandoreiro
- IcedId
- KasseikaRansomware
- KrustyLoader
- MortisLocker
- QakBot
- SmokeLoader
- SubtlePaws
- VileLoader
- WikiLoader
- YoungLotus
Collection Updates:
- Virussign.2024.03.06
- Virussign.2024.03.07
- Virussign.2024.03.08
- Virussign.2024.03.09
- Virussign.2024.03.10
- Virussign.2024.03.11
- Virussign.2024.03.12
Malware Analysis Papers:
- 119 new papers added for 2024
- 17 new papers added for 2023
- 16 new papers added for 2022
- 6 new papers added for 2021
- 6 new papers added for 2020
- 14 new papers added for years 2011 - 2019
VXDB notes:
- VirusSign and VirusShare recent additions have NOT been synced with VXDB
- Approx. sync date is 2024-03-16
Thank you for waiting, sometimes it is difficult running the largest open-source malware repository on the internet.
More to come soon. I love you.
Apologies for the delays. We've been knee deep in lame stuff — real-world responsibilities, or something. Anyway, we've got a bunch of nerd news to share, list of content additions, things we need to upload to the VXDB and more.
Full list of additions below...
Family Updates:
- AveMaria
- Azorult
- BlackwoodLoader
- CherryLoader
- Grandoreiro
- IcedId
- KasseikaRansomware
- KrustyLoader
- MortisLocker
- QakBot
- SmokeLoader
- SubtlePaws
- VileLoader
- WikiLoader
- YoungLotus
Collection Updates:
- Virussign.2024.03.06
- Virussign.2024.03.07
- Virussign.2024.03.08
- Virussign.2024.03.09
- Virussign.2024.03.10
- Virussign.2024.03.11
- Virussign.2024.03.12
Malware Analysis Papers:
- 119 new papers added for 2024
- 17 new papers added for 2023
- 16 new papers added for 2022
- 6 new papers added for 2021
- 6 new papers added for 2020
- 14 new papers added for years 2011 - 2019
VXDB notes:
- VirusSign and VirusShare recent additions have NOT been synced with VXDB
- Approx. sync date is 2024-03-16
Thank you for waiting, sometimes it is difficult running the largest open-source malware repository on the internet.
More to come soon. I love you.
❤66👍15👏7🫡6❤🔥5🔥3😢1