Malware Ingestion statistics, August 2024:
2024-08-01: 15,604
2024-08-02: 13,593
2024-08-03: 12,354
2024-08-04: 12,679
2024-08-05: 12,245
2024-08-06: 12,914
2024-08-07: 14,432
2024-08-08: 15,054
2024-08-09: 13,625
2024-08-10: 20,955
2024-08-11: 23,064
2024-08-12: 22,850
2024-08-13: 19,464
2024-08-14: 15,219
2024-08-15: 114,050
2024-08 -16: 70,162
2024-08-17: 93,572
2024-08-18: 138,520
2024-08-19: 178,314
2024-08-20: 87,425
2024-08-21: 146,435
2024-08-22: 306,526
2024-08-23: 208,720
2024-08-24: 133,827
2024-08-25: 7,533
2024-08-26: 19,108
2024-08-27: 18,980
2024-08-28: 21,085
2024-08-29: 16,032
2024-08-30: 17,327
2024-08-31: 17,620
Total: 1,821,596
Size: 230GB (7z Ultra compressed)
2024-08-01: 15,604
2024-08-02: 13,593
2024-08-03: 12,354
2024-08-04: 12,679
2024-08-05: 12,245
2024-08-06: 12,914
2024-08-07: 14,432
2024-08-08: 15,054
2024-08-09: 13,625
2024-08-10: 20,955
2024-08-11: 23,064
2024-08-12: 22,850
2024-08-13: 19,464
2024-08-14: 15,219
2024-08-15: 114,050
2024-08 -16: 70,162
2024-08-17: 93,572
2024-08-18: 138,520
2024-08-19: 178,314
2024-08-20: 87,425
2024-08-21: 146,435
2024-08-22: 306,526
2024-08-23: 208,720
2024-08-24: 133,827
2024-08-25: 7,533
2024-08-26: 19,108
2024-08-27: 18,980
2024-08-28: 21,085
2024-08-29: 16,032
2024-08-30: 17,327
2024-08-31: 17,620
Total: 1,821,596
Size: 230GB (7z Ultra compressed)
🔥50🫡9🎉8😁5👍3❤2👏2💯1
Yesterday someone wrote that Lockbit ransomware group is making a training course. Is this true?
tl;dr no
1. LockbitSupp a/k/a Dimitry Yuryevich Khoroshev is a Russian national who has stolen an estimated $400,000,000 via ransomware. Does he need money by producing and selling a training course? Probably not.
2. According to the United States Federal Bureau of Investigation and United Kingdom National Crime Agency, Lockbit ransomware group had affiliates who were members of EvilCorp, an infamous Russian-based malware crime family who the family is estimated to have made hundreds of millions of dollars. EvilCorp is believed to have ties to the Russian FSB. Does he need money by producing and selling a training course? Probably not.
3. LockbitSupp does not speak English well. Why would he write a course in English? (in the photo shared it was written in English, native English with virtually no typos or funky spelling)
4. The photo shared mentioned Breached. LockbitSupp is not associated with Breached. He is a Russian national, does not speak English well, and does not traditionally trust foreigners (or anyone really, except maybe his most esteemed ransomware affiliates). His primary forum platforms for communication and recruitment has been Exploit and RAMP
5. We asked Lockbit if he was making a training course, he said no. Note his native English (sarcasm, a native English speaker would write, "no, why do you ask?")
tl;dr no
1. LockbitSupp a/k/a Dimitry Yuryevich Khoroshev is a Russian national who has stolen an estimated $400,000,000 via ransomware. Does he need money by producing and selling a training course? Probably not.
2. According to the United States Federal Bureau of Investigation and United Kingdom National Crime Agency, Lockbit ransomware group had affiliates who were members of EvilCorp, an infamous Russian-based malware crime family who the family is estimated to have made hundreds of millions of dollars. EvilCorp is believed to have ties to the Russian FSB. Does he need money by producing and selling a training course? Probably not.
3. LockbitSupp does not speak English well. Why would he write a course in English? (in the photo shared it was written in English, native English with virtually no typos or funky spelling)
4. The photo shared mentioned Breached. LockbitSupp is not associated with Breached. He is a Russian national, does not speak English well, and does not traditionally trust foreigners (or anyone really, except maybe his most esteemed ransomware affiliates). His primary forum platforms for communication and recruitment has been Exploit and RAMP
5. We asked Lockbit if he was making a training course, he said no. Note his native English (sarcasm, a native English speaker would write, "no, why do you ask?")
👍72🤣37❤6👏5😁2🤯2😢1
vx-underground
Yesterday someone wrote that Lockbit ransomware group is making a training course. Is this true? tl;dr no 1. LockbitSupp a/k/a Dimitry Yuryevich Khoroshev is a Russian national who has stolen an estimated $400,000,000 via ransomware. Does he need money by…
In summary: the person who claimed Lockbit ransomware group was making a training course was doing it as a publicity stunt (probably) to attract people to their training course (crime focused?).
We give it a 7/10. It fooled some people.
We give it a 7/10. It fooled some people.
😁69🤣23😎11👏5😢4👍3
> be fall season
> get chilly outside
> turn off air conditioning
> get on pc
> compress 150gb blobs of malware
> office becomes inescapable fiery hell
> turn ac back on
> entire house freezing cold
> office still burning hot
¯\_(ツ)_/¯
> get chilly outside
> turn off air conditioning
> get on pc
> compress 150gb blobs of malware
> office becomes inescapable fiery hell
> turn ac back on
> entire house freezing cold
> office still burning hot
¯\_(ツ)_/¯
🔥102🤣35🤝6❤4😢3🤓2👍1🤔1
vx-underground
The wayback machine has been compromised. See you all in HIBP!
Note:
Final update and confirmations:
The compromise has been confirmed via BleepinComputer and TroyHunt. 31,000,000 users impacted. There is no confirmed information on how the site was compromised. No Threat Actor(s) have been attributed to the compromise. More information is available on their respective social media platforms. More information will probably become available in the following hours or days.
Unrelated to the defacement and compromise, Sn_darkmeta claims to have been DDoSing Internet Archive. They state they're DDoSing the website because the United States government supports Israel and The Internet Archive belongs (?) to the United States.
Final update and confirmations:
The compromise has been confirmed via BleepinComputer and TroyHunt. 31,000,000 users impacted. There is no confirmed information on how the site was compromised. No Threat Actor(s) have been attributed to the compromise. More information is available on their respective social media platforms. More information will probably become available in the following hours or days.
Unrelated to the defacement and compromise, Sn_darkmeta claims to have been DDoSing Internet Archive. They state they're DDoSing the website because the United States government supports Israel and The Internet Archive belongs (?) to the United States.
🤣175😱27😢20🤯16🤔10👍7❤🔥1❤1
We woke up to hate mail.
Some people believe we're responsible for DDoS and/or compromise of The Internet Archive. We did not DDoS and/or compromise The Internet Archive
Regardless, thanks for calling us mentally handicapped and saying we should commit suicide.
Some people believe we're responsible for DDoS and/or compromise of The Internet Archive. We did not DDoS and/or compromise The Internet Archive
Regardless, thanks for calling us mentally handicapped and saying we should commit suicide.
🥰162🤣69😢28💯9👏7👍4🤯3❤🔥2😁2🤓2🎉1
vx-underground
We woke up to hate mail. Some people believe we're responsible for DDoS and/or compromise of The Internet Archive. We did not DDoS and/or compromise The Internet Archive Regardless, thanks for calling us mentally handicapped and saying we should commit suicide.
We're not entirely sure what is happening right now, but we suspect this person thinks we are responsible for the attacks against The Internet Archive.
It also has 94,000 likes and 1.8M views
It also has 94,000 likes and 1.8M views
🤣312😁18🤔10😢10❤5👏4👍2😱2💯2🎉1🤓1
vx-underground
> go online > see internet archive defaced > comment on the ddos / compromise > give more information in follow up post > non-nerds find post > blame us
Thank you to everyone for the kind words and for defending us.
Truthfully, we aren't upset by these remarks. The post was made in our typical fashion and was directed toward our target audience. Whenever something we post escapes the information security ecosystem, information tends to bend and warp. It isn't surprising non-technical people who are unfamiliar with our work would misconstrue our commentary.
Some people who made the hateful remarks have apologized, others continued to criticize us saying our post was intentionally (or unintentionally) misleading. We personally did not believe this is something which could mislead people as we were directly quoting the wording in the compromise. However, it is evident we were painfully wrong.
We are sure things will calm down soon. The internet moves very fast and people outside the information security ecosystem will drift back into their circles of interest.
There is also a joke to be made somewhere regarding the hateful comments directed toward us on October 10th, World Mental Health Day, probably. We'll let someone more creative than us make the memes.
Anyway, back to work.
Have a nice day
Truthfully, we aren't upset by these remarks. The post was made in our typical fashion and was directed toward our target audience. Whenever something we post escapes the information security ecosystem, information tends to bend and warp. It isn't surprising non-technical people who are unfamiliar with our work would misconstrue our commentary.
Some people who made the hateful remarks have apologized, others continued to criticize us saying our post was intentionally (or unintentionally) misleading. We personally did not believe this is something which could mislead people as we were directly quoting the wording in the compromise. However, it is evident we were painfully wrong.
We are sure things will calm down soon. The internet moves very fast and people outside the information security ecosystem will drift back into their circles of interest.
There is also a joke to be made somewhere regarding the hateful comments directed toward us on October 10th, World Mental Health Day, probably. We'll let someone more creative than us make the memes.
Anyway, back to work.
Have a nice day
❤🔥137🤣30👍17❤15🫡10🙏3🤓2
Unfortunately, as we grow in size we continue to see less tech-savy individuals who do not understand the malware nomenclature.
Moving forward we will make translations.
Translation:
Sad we getting big but dumb mfers come here mad as hell and now we gotta use littler words
Moving forward we will make translations.
Translation:
Sad we getting big but dumb mfers come here mad as hell and now we gotta use littler words
🤣173👏16❤8🫡4🤔2😢2💯2👍1
vx-underground
Unfortunately, as we grow in size we continue to see less tech-savy individuals who do not understand the malware nomenclature. Moving forward we will make translations. Translation: Sad we getting big but dumb mfers come here mad as hell and now we gotta…
Apologies — we failed to use a comma and we fear our translation may be misleading to some.
Translation:
my bad lol i forgot the , in the sentence, i dont want mfers thinkin we sad that we blowin up lol, fr we blessed
Translation:
my bad lol i forgot the , in the sentence, i dont want mfers thinkin we sad that we blowin up lol, fr we blessed
🥰93🎉13🤣10🔥6😁6😢4😎2🤔1
There is literally no reason why we should possess 30,335,219 malwares (growing as this is being written).
This 'collecting' thing is getting out-of-hand.
This 'collecting' thing is getting out-of-hand.
👍63😁38😢10😎5🔥4❤1
vx-underground
There is literally no reason why we should possess 30,335,219 malwares (growing as this is being written). This 'collecting' thing is getting out-of-hand.
Seriously? What the hell are we going to do with it? We don't analyze it (we do sync it with some vendors), we only reverse maybe 0.00000001% of the samples.
What the hell are we doing? Why hasn't someone said something? We literally just have terabytes of malware hangin' around
What the hell are we doing? Why hasn't someone said something? We literally just have terabytes of malware hangin' around
🤣124🔥17👍14😁9🎉7🫡7😢6❤2😎1
Good morning,
- We've got a bunch of papers in queue, no idea when we'll push them to prod
- Estimated daily malware ingestion is 450,000 samples
- Winners for the swag giveaway will be selected throughout the weekend. We wanted to let people continue posting critters
Thanks,
- We've got a bunch of papers in queue, no idea when we'll push them to prod
- Estimated daily malware ingestion is 450,000 samples
- Winners for the swag giveaway will be selected throughout the weekend. We wanted to let people continue posting critters
Thanks,
🤣43🔥9💯6😁1😢1