We have over 11,000,000 unique malware samples available for bulk download.
* Named using Kaspersky naming convention
Download available here: https://samples.vx-underground.org/samples/Blocks/
We've added a new paper to the vx-underground Windows paper collection
"Azure Outlook Command & Control that uses Microsoft Graph API for C2 communications & data exfiltration" by 0xBoku & C5pider
Check it out here: https://www.vx-underground.org/windows.html#scab
"Operation Dragon Castling", which has been targeting companies in South East Asia, has a stage 2 loader named CoreX. CoreX uses the same SYSCALL sorting method created by the folks over at MDSecLabs
Paper on API unhooking via SYSCALL sorting: https://papers.vx-underground.org/papers/VXUG/Mirrors/BypassingUserModeHooksandDirectInvocationofSystemCallsforRedTeams.pdf
Paper on Operation Dragon Castling: https://decoded.avast.io/luigicamastra/operation-dragon-castling-apt-group-targeting-betting-companies/
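The SYSCALL sorting idea referenced above works because ntdll's Zw* stubs are laid out in memory in system service number (SSN) order: if you read the export table, keep only the Zw* names, sort their stub addresses ascending, the position of each stub is its SSN, and no bytes of the (possibly hooked) stub ever need to be read. The block below is an added example written for this page, not code from CoreX, MDSec, or vx-underground; the export table, addresses, and the `export_entry`/`syscall_entry` names are constructed here for illustration, and on a real Windows host the entries would be read from the export directory of the mapped ntdll.dll.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_SYSCALLS 512

/* One export-table entry: exported symbol name and the address of its stub.
 * On a live system these are read from the export directory of the ntdll.dll
 * image already mapped into the process; here they are constructed. */
typedef struct {
    const char *name;
    uint64_t    address;
} export_entry;

/* Constructed sample exports in arbitrary order, with made-up addresses.
 * Only the relative order of the Zw* stubs matters for the technique, so the
 * numbers derived below are positions within this sample, not real SSNs. */
static const export_entry sample_exports[] = {
    { "ZwWriteVirtualMemory",    0x7ffa10001380ULL },
    { "RtlInitUnicodeString",    0x7ffa10020000ULL }, /* not a syscall stub */
    { "ZwAccessCheck",           0x7ffa10001000ULL },
    { "ZwOpenProcess",           0x7ffa10001a00ULL },
    { "ZwAllocateVirtualMemory", 0x7ffa10001240ULL },
    { "NtAllocateVirtualMemory", 0x7ffa10001240ULL }, /* Nt alias of the Zw stub: skipped to avoid double counting */
    { "LdrLoadDll",              0x7ffa10030000ULL }, /* not a syscall stub */
    { "ZwProtectVirtualMemory",  0x7ffa10001500ULL },
};

typedef struct {
    char     name[64];   /* stored under its Nt* name */
    uint64_t address;
    uint32_t ssn;        /* system service number = position after sorting */
} syscall_entry;

static int cmp_by_address(const void *a, const void *b)
{
    const syscall_entry *x = a, *y = b;
    return (x->address > y->address) - (x->address < y->address);
}

/* Collect every Zw* export, sort the stubs by address and assign each its
 * zero-based position as the SSN. Returns the number of entries written. */
size_t build_syscall_table(const export_entry *exports, size_t n_exports,
                           syscall_entry *out, size_t out_cap)
{
    size_t count = 0;
    for (size_t i = 0; i < n_exports && count < out_cap; i++) {
        if (strncmp(exports[i].name, "Zw", 2) != 0)
            continue;
        snprintf(out[count].name, sizeof out[count].name, "Nt%s", exports[i].name + 2);
        out[count].address = exports[i].address;
        count++;
    }
    qsort(out, count, sizeof *out, cmp_by_address);
    for (size_t i = 0; i < count; i++)
        out[i].ssn = (uint32_t)i;
    return count;
}

/* Return the SSN for an Nt* name, or -1 if the name is not in the table. */
int lookup_ssn(const syscall_entry *table, size_t count, const char *nt_name)
{
    for (size_t i = 0; i < count; i++)
        if (strcmp(table[i].name, nt_name) == 0)
            return (int)table[i].ssn;
    return -1;
}

/* Convenience wrappers over the constructed sample data. */
size_t sample_syscall_count(void)
{
    syscall_entry table[MAX_SYSCALLS];
    return build_syscall_table(sample_exports,
                               sizeof sample_exports / sizeof *sample_exports,
                               table, MAX_SYSCALLS);
}

int sample_ssn(const char *nt_name)
{
    syscall_entry table[MAX_SYSCALLS];
    size_t n = build_syscall_table(sample_exports,
                                   sizeof sample_exports / sizeof *sample_exports,
                                   table, MAX_SYSCALLS);
    return lookup_ssn(table, n, nt_name);
}

int main(void)
{
    syscall_entry table[MAX_SYSCALLS];
    size_t n = build_syscall_table(sample_exports,
                                   sizeof sample_exports / sizeof *sample_exports,
                                   table, MAX_SYSCALLS);
    for (size_t i = 0; i < n; i++)
        printf("%3u  %016llx  %s\n", table[i].ssn,
               (unsigned long long)table[i].address, table[i].name);
    return 0;
}
```

Two points a practitioner should keep in mind: the position equals the real SSN only when the table holds the complete set of Zw* exports from the loaded ntdll (the sample above is deliberately partial), and the method survives user-mode hooking because an inline hook patches the bytes inside a stub while the export addresses, and therefore their order, are left untouched.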
Yesterday AhnLabs reported APT activity targeting South Korean users using one of the oldest tricks in the book: they send a malicious .CHM file masquerading as a legitimate CHM file.
*Malicious .CHMs appeared approx. in 1997
*Malicious .DOCX/XLS appeared approx. in 1999
We have made an additional 2,400,000+ malware samples available for bulk download.
Total available for bulk download: approx. 15,000,000
Have a nice day.
Download: https://samples.vx-underground.org/samples/Blocks/
Volexity released a paper on a MacOS malware dubbed "GIMMICK". They shared the samples in the blog post! ♥️
We have never seen a company do this before!🥰
Paper: https://www.volexity.com/blog/2022/03/22/storm-cloud-on-the-horizon-gimmick-malware-strikes-at-macos/
Storm Cloud on the Horizon: GIMMICK Malware Strikes at macOS
In late 2021, Volexity discovered an intrusion in an environment monitored as part of its Network Security Monitoring service. Volexity detected a system running frp, otherwise known as fast reverse […]
We've updated the vx-underground Malware Defense paper collection: "Anti-UPX Unpacking Technique" by Shusei Tomonaga
Have a nice day.
Check it out here: https://vx-underground.org/av.html
LAPSUS$ group has been arrested.
More info: https://www.bbc.com/news/technology-60864283
Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
Police say they've arrested seven teenagers as part of their investigation into a hacking group.
As ransomware groups such as Lockbit, ALPHV, and HIVE continue to ramp up operations, it is important we review how these groups operate.
The United States Department of Justice has indicted 4 Russian government employees for attacks against ICS/SCADA in 135 countries. The individuals indicted are alleged to be behind Dragonfly/HAVEX and Dragonfly 2.0.
More information available here: https://www.justice.gov/opa/pr/four-russian-government-employees-charged-two-historical-hacking-campaigns-targeting-critical
Four Russian Government Employees Charged in Two Historical Hacking
The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted…
We have made an additional 2,200,000+ malware samples available for bulk download.
Total available for bulk download: approx. 17,000,000
Download: https://samples.vx-underground.org/samples/Blocks/
The developers behind Raccoon Stealer have announced they're temporarily shutting down operations.
They cite the invasion of Ukraine as the reason why they're shutting down. They state key team members are "no longer with us".
A person being interviewed about a recent ransomware attack against a prestigious Brazilian university wore the vx-underground "Ransomware Aktivist" shirt.