vx-underground
asdasd13asbz discovered Kimsuky (state-sponsored North Korean hackers) mailspam tool. We've added it to vx-underground. It is named after it's SHA256 hash: bb9c0396a61fa16d8c482a4a17e520fae908aa826e54243da6473494fa5f2305 You can download it here: https://vx…
Very cool. Version 10 👍
👍59🤔16❤12🤣7🔥3
Audio
Someone used AI to make Lockbit ransomware groups statement regarding the FBI takedown ... into an anime-like EDM ... ?
You're all degenerates 😂😂😂
You're all degenerates 😂😂😂
What happened.
On February 19, 2024 penetration testing of two of my servers took place, at 06:39 UTC I found an error on the site 502 Bad Gateway, restarted nginx - nothing changed, restarted mysql - nothing changed, restarted PHP - the site worked. I didn't pay much attention to it, because for 5 years of swimming in money I became very lazy, and continued to ride on a yacht with titsy girls. At 20:47 I found that the site gives a new error 404 Not Found nginx, tried to enter the server through SSH and could not, the password did not fit, as it turned out later all the information on the disks was erased.
Due to my personal negligence and irresponsibility I relaxed and did not update PHP in time, the servers had PHP 8.1.2 version installed, which was successfully penetration tested most likely by this CVE https://www.cvedetails.com/cve/CVE-2023-3824/ , as a result of which access was gained to the two main servers where this version of PHP was installed. I realize that it may not have been this CVE, but something else like 0day for PHP, but I can't be 100% sure, because the version installed on my servers was already known to have a known vulnerability, so this is most likely how the victims' admin and chat panel servers and
🤣153🔥24❤8👍8❤🔥2💯1
This media is not supported in your browser
VIEW IN TELEGRAM
POV: The FBI raids you and finds you relaxing on the bed
🤣171❤19👍7💯3
Malware writing doesn't require programming experience. Just run this random .exe and it'll make any virus you want and it'll be 100% undetected
🤣120👍40🔥11💯11❤3🥰2😁1
Hello.
We've sold 8 vx-underground harddrives. Please buy the remaining 12 because we have way too much packing material.
This isn't a joke.
Thank you,
We've sold 8 vx-underground harddrives. Please buy the remaining 12 because we have way too much packing material.
This isn't a joke.
Thank you,
❤67🤣41😁10👍3
This media is not supported in your browser
VIEW IN TELEGRAM
There is heavy overlap with malware developers and video game cheat developers. When you follow this family tree you end up with the malware developers distant cousin – the video game modder.
Anytime we visit our "distant cousins" we find the strangest things.
Anytime we visit our "distant cousins" we find the strangest things.
🤣131👍15😁7❤3🔥1🤯1🤝1
Sometimes we think about those "recommended cyber security profiles to follow" posts. We've seen dozens of people recommending others to follow us.
We wonder how disappointed they are when they see Chicken Adventure 2 Mods or Boston Dynamic robots holding severed hands. 😭😭
We wonder how disappointed they are when they see Chicken Adventure 2 Mods or Boston Dynamic robots holding severed hands. 😭😭
❤78🤣36😎6👍3🔥3
"How can I learn more about malware?"
Our entire website is malware literature. Browse until something seems interesting and read it. If you don't understand it, search online until it makes sense or read a different paper.
There is no easy route. Stop looking for shortcuts.
Our entire website is malware literature. Browse until something seems interesting and read it. If you don't understand it, search online until it makes sense or read a different paper.
There is no easy route. Stop looking for shortcuts.
❤144👍27👏9🫡7🙏5❤🔥3😢2🤔1🤓1
vx-underground
"How can I learn more about malware?" Our entire website is malware literature. Browse until something seems interesting and read it. If you don't understand it, search online until it makes sense or read a different paper. There is no easy route. Stop looking…
Learning about malware development, reverse engineering, detection, etc. is an entire career field. It is not something you can watch a few YouTube videos on and be set.
Either do it, or don't. The choice is yours.
Either do it, or don't. The choice is yours.
❤119👍20🫡11💯9🤣9🔥5👏3🤓3❤🔥2
The United States FTC has banned non-compete agreements. We look forward to all of you creating a cyber security startup
https://www.ftc.gov/news-events/news/press-releases/2024/04/ftc-announces-rule-banning-noncompetes
https://www.ftc.gov/news-events/news/press-releases/2024/04/ftc-announces-rule-banning-noncompetes
Federal Trade Commission
FTC Announces Rule Banning Noncompetes
❤66👍10🤔7😢5💯4🤣4🤓1
This media is not supported in your browser
VIEW IN TELEGRAM
Often time peoples forget how goofy antivirus companies used to be.
For example: in the mid 2000's when the Kaspersky AV detected malware on your computer it would trigger "Kaspersky Alert Sound 2". It grabbed users attention immediately.
See attached video for soundbites.
For example: in the mid 2000's when the Kaspersky AV detected malware on your computer it would trigger "Kaspersky Alert Sound 2". It grabbed users attention immediately.
See attached video for soundbites.
🤣168👍12❤8😱3🤔1
Today Avast unveiled 'GuptiMiner'.
tl;dr eScan AV, out of India, used HTTP for AV updates, not HTTPS, North Korea man-in-the-middle'd updates to large networks to deliver malware
We give this APT campaign an A+ because it's absurdly well executed
https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/
tl;dr eScan AV, out of India, used HTTP for AV updates, not HTTPS, North Korea man-in-the-middle'd updates to large networks to deliver malware
We give this APT campaign an A+ because it's absurdly well executed
https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/
Gendigital
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining
Malware Campaign Exploiting Antivirus Updates
👍53🤯16❤13😁11🤣11🔥4😎4🎉2
Yesterday The New York Times unveiled that General Motor's had accidentally enrolled millions of people into its "OnStar Smart Driver+" program. If consumers chose to not enroll through the phone app – it would do it anyways.
Unenrolling requires consumers to contact OnStar customer support line. However, some people do not trust them and have turned to stripping the electronic devices from their car.
The OnStar Smart Driver+ data was being sold to LexisNexis, and insurance companies, to modify insurance rates. The data sold was invasive and logged:
- Number of trips
- Miles driven
- Minutes driven
- Hard-brake vents
- Rapid accelerates
- Speeding events
The reporter from the New York Times requested a copy of their data and received it. See attached image.
Unenrolling requires consumers to contact OnStar customer support line. However, some people do not trust them and have turned to stripping the electronic devices from their car.
The OnStar Smart Driver+ data was being sold to LexisNexis, and insurance companies, to modify insurance rates. The data sold was invasive and logged:
- Number of trips
- Miles driven
- Minutes driven
- Hard-brake vents
- Rapid accelerates
- Speeding events
The reporter from the New York Times requested a copy of their data and received it. See attached image.
👏63👍9🤔7😱7😎7❤3🤯3😢3🤣3😇2
This media is not supported in your browser
VIEW IN TELEGRAM
This morning our Intrusion Detection System (meemaw) identified two (2) highly sophisticated Threat Actors trying to brute force our access portal.
Viewer discretion advised
Viewer discretion advised
🤣169🤯32❤21❤🔥11👍10😁9🤝6🤓3🎉1💯1
Our advice to anyone who wants to get a job in cyber security is to intentionally poop your pants in public.
You need to put yourself in difficult situations to understand how to overcome adversity in the every expanding threat landscape.
You need to put yourself in difficult situations to understand how to overcome adversity in the every expanding threat landscape.
🫡145👍34🤣15❤14😁9🎉6👏4🤔3💯3🤓3🤩1
In Japan – the Fukui Prefectural Police Echizen Police Station have created the "Virus/Trojan horse removal fee payment card" and the "Unpaid charges/delinquent charges payment card".
The fake cards, designed to combat telephone scammers, are positioned intentionally at convenience stores to assist police at identifying victims and safeguarding them from financial harm. When someone tries to purchase the card the police are immediately notified.
Upon placement in stores in November 2023, it immediately stopped 3 elderly people from being scammed in November and December.
No additional information has been released regarding the success rate. However, the police officers who came up with the idea were given a promotion in February, 2024.
Information via TopiLaron, ten_forward, and fukuinpmedia
The fake cards, designed to combat telephone scammers, are positioned intentionally at convenience stores to assist police at identifying victims and safeguarding them from financial harm. When someone tries to purchase the card the police are immediately notified.
Upon placement in stores in November 2023, it immediately stopped 3 elderly people from being scammed in November and December.
No additional information has been released regarding the success rate. However, the police officers who came up with the idea were given a promotion in February, 2024.
Information via TopiLaron, ten_forward, and fukuinpmedia
❤157👍28🤓9🔥7🫡6😁5🤔2🎉1🤩1