No, that's not a bunny. Stop being ignorant. That is an ultra rare Russian Forest Jumppity Cat

We're releasing a super top secret TLP:RED document. It is a secret wallpaper. It is password protected.

https://vx-underground.org/tmp

tl;dr 49,000,000 customer records stolen from DELL. Additional information and statistics in attached link.

May 9th DELL began sending notifications to customers stating their personal information was stolen in breach. Data stolen includes customer order data, warranty information, service tags, customer names, installation locations, customer phone number, and order number.

BleepingComputer spoke with the Threat Actor, operating under the moniker Menelik, who initially tried selling the stolen data. In summary, they became an authorized partner in 24hrs - 48hrs using (using presumably bogus information) and began brute forcing the DELL partner API with 7-digit service tags looking for valid data.

They reportedly were sending 5,000 API requests a minute for 3 weeks. DELL took no action stopping the API brute forcing.

Read the full story and get more information here: https://www.bleepingcomputer.com/news/security/dell-api-abused-to-steal-49-million-customer-records-in-data-breach/

When we initially heard the news about this breach it seemed insignificant because it was removed from Breached. Shout out to Lawrence Abrams and Bleeping Computer for doing their due diligence and researching this compromise more.

One thing we have learned over the years is nerds hate ads. Nerds will fight you to death over ads.

We say this because it's been announced EA games will soon begin putting ads inside of their video games.

More information: https://www.tomshardware.com/video-games/ea-is-looking-at-adding-in-game-ads-in-aaa-games-well-be-very-thoughtful-as-we-move-into-that-says-ceo

We've recently had an influx of people asking if @LockbitRewards on Telegram is the Federal Bureau of Investigation. Yes, it is actually the FBI. If you Google "LockbitRewards" you'll find it listed by the United States Department of Justice and United States Department of State.

If you decide to message them we advise you do not self-snitch. It is poor practice to openly admit crimes directly to the FBI.

(someone thought it was a gag account and was actually self-snitching)

Hello, how are you?

Next week we have hundreds of malware reverse engineering papers to add, some malware development papers, and thousands of malware samples.

But, today is the day of rest. We will see all of you on Monday

Please don't do anything crazy.

Love you

Order 1972,

Congratulations! You're the first person ever to receive this error from our merchandise producer.

50 character e-mail address? Really?

Hello,

We've updated the vx-underground paper collection. We've added 118 new malware analysis papers courtesy of our friends at malpedia. It's too much to list, but it's a doozy.

New malware development papers:
- 2012-09-19 - Knockin on Heavens Gate - Dynamic Processor Mode Switching
- 2020-02-03 - Hooking Heavens Gate - a WOW64 hooking technique
- 2022-07-16 - Process Injection using QueueUserAPC Technique in Windows

The staff at XSS have a good sense of humor

Hello,

Exciting news.

In case you missed it, earlier today an individual requested a refund via PayPal for a vx-underground harddrive. They failed to read the e-mails we sent them. The PayPal inquiry hurt our wallet, because we don't have a lot of money.

In an extreme act of kindness many of you came together and donated money to us to make up for our loss. We made our money back in less than 30 minutes.

May 19th, on our 5 year anniversary, we are going to giveaway $1,000 of the limited edition vx-underground 5 year anniversary shirt (5 horsemen of the apocalypse, the attached image) and 1 vx-underground HDD (13TB of malware, all our papers, etc).

Thank you everyone for the supreme act of kindness. See you Sunday 🫡🫡🫡

Today a Threat Actor operating under the moniker IntelBroker, and (presumably) his associates, claimed to compromised Patriot Mobile.

Patriot Mobile has self-described itself as "America's only Christian, Conserative wireless provider" – based out of Grapevine, Texas.

The data exfiltrated is roughly 65,000 users PII which includes:
- Account PIN
- Full name
- Email
- Credit Score
- Address
- Date of Birth
- Last 4 digits of social security number
- Account balance
- Referrer
and more...

The information disclosed is not something terribly detrimental to the security of customers of Patriot Mobile. It's primary usage for abuse would be aiding in doxxing someone.

Although unrelated, this is the 2nd time recently where a conservative organization (the first being conservative news outlet The Post Millennial) was compromised.

After reviewing some of the exfiltrated data it is also mildly interesting that the website has checkout discount codes labeled: "Glenn Beck", "Donald Trump Jr.", "Blaze", and "Rightside Broadcast Network (Trump Rally)"

Good morning,

Yes, we have heard the news about the owner of Doxbin allegedly being kidnapped and beaten. Yes, we have also received messages saying its a paid actor and an attempt to 'detrace' himself.

Thank you to everyone who notified us.

Love you ♥️

Note: we don't know what's the truth and what isn't. It's Wednesday, my dudes

Last post of the morning. We've got work to do.

tl;dr nerds enumerated the merch site trying to pre-buy the 5 year anniversary shirt. Some of you found it. If you try to buy it and it's botched that's on you. You can tell it's in the preview phase because BradleyVX wrote it's delivered by horse.

Why would you want to pre-buy an item that may not even be working? It says its delivered by a horse like it's the 1700's

You're all degenerates and we love you for it.

BreachForum has been seized again.

The current display page states the forum is now in control of the United States Federal Bureau of Investigation and is being reviewed.

It also displays a photo of the current administrators Telegram profile pictures, but behind bars.

The Breach telegram is now under control of the United States Federal Bureau of Investigation

Waiting for the Department of Justice to issue a statement regarding the Breached takedown