February 12, 2025, an unknown Threat Actor was able to compromise a person at the United States Department of Defense.
We have not received information on how the e-mail was compromised and/or what was achieved from the compromise.
We have confirmed the Threat Actor lost access soon after they got access to the e-mail address. However, we have no details as to how long "soon" is.
vx-underground
I would like to share some information with all of you. If you're obese and wanting to lose weight. I heavily recommend shooting manufactured chemicals into your abdomen. In August, 2024 I weighed 280lbs (127kgs) — the heaviest I've ever been in my life.…
Apparently this needs to be said because people expressed concern regarding this post.
This is not medical advice, this is just a personal experience. Consult a doctor and do research. Don't listen to some stinky nerd on the internet. Yada yada yada, drugs are bad
We're (still) migrating the virus-dot-exchange database.
We've moved 8,915,959 malwares. We have a lot more to move still.
We have malware.
Today the United States District Court for the Western District of Washington at Seattle unsealed case details regarding Cameron John Wagenius a/k/a "kiberphant0m" a/k/a "cyb3rph4nt0m".
The defendant, Mr. Wagenius, has expressed intent to the United States government to plead guilty.
The United States government has noted that Mr. Wagenius unlawfully posted and transferred confidential phone records information of high-ranking public officials. Additionally, Mr. Wagenius sought to flee the United States to a (currently redacted) country to avoid prosecution in the United States. Furthermore, the United States government notes Mr. Wagenius had sold information to an unidentified (*unidentified in the court documents) foreign intelligence service. He performed these actions while on active duty in the United States Army, stationed at Fort Cavazos.
He is currently being held in military custody. He is scheduled to be "separated" from the United States Army in March 2025. The United States government is requesting that Mr. Wagenius immediately be moved into jail rather than the custody of his father. They argue he is a flight risk.
The remainder of the document notes Mr. Wagenius attempting to extort a victim for $500,000 and Mr. Wagenius, when in fear he may soon be arrested, researching how to flee to Russia.
vx-underground
Today the United States District Court for the Western District of Washington for Seattle, unsealed case details regarding Cameron John Wagenius a/k/a "kiberphant0m" a/k/a "cyb3rph4nt0m" The defendant, Mr. Wagenius, has expressed intent to the United States…
Note: We have absolutely zero clue what the United States government is going to do with a United States active-duty serviceman selling information to a United States adversary. We've never seen this before.
vx-underground
February 23rd, 2025, an unknown Threat Actor(s) compromised a North Korean ... whois record (maybe?), not entirely sure what we're looking at.
More information: https://whois.ipip.net/AS131279
whois.ipip.net
AS131279 STAR-KP - Star Joint Venture Co. Ltd., KP | IPIP.NET
AS131279 STAR-KP - Star Joint Venture Co. Ltd., KP Network Information, IP Address Ranges and Whois Details
winrt_async.cpp (7.2 KB)
Copy pasta from X-article so you don't need to use Xitter.
Title: Creating "Ransomware" Using WinRT
This isn't "ransomware".
This is the blueprint for a ransomware testing payload for a "Purple Team" scenario. I am curious about EDR visibility into WinRT (Universal Windows Platform (UWP) apps), so I crafted a C++ application, which strictly uses WinRT functionality from WINAPI-like C++, compiled as a WIN32 app, to see how it looks.
This proof-of-concept is essentially a glorified asynchronous file string console printer. What makes it unique is that it relies entirely on WinRT from a Win32 app.
WinRT possesses the ability to encrypt files. I opted to not introduce file encryption functionality (although it would be bare-bones, plain password protected) into this proof-of-concept because I think ransomware in general is highly susceptible to abuse even in its most basic forms.
Regardless, I think this code is interesting and I wanted to share it. Maybe it'll inspire someone else to review WinRT more, or someone will pick up this code and experiment with it in an enterprise environment.
- smelly smellington
Today Mikhail Matveev a/k/a "Wazawaka" a/k/a "RansomBoris" was sentenced for ransomware-like cybercrime charges in Russia.
Previously, Mr. Matveev acted as the leader of Babuk ransomware group (before shutting down the operation), was a member of Lockbit ransomware group, Conti ransomware group, HIVE ransomware group, and BlackMatter ransomware group. Mr. Matveev was prolific in the ransomware ecosystem and is believed to be behind several high profile ransomware attacks, including ransoming police departments and critical infrastructure in the United States (and abroad, to other European allies of the United States government).
The infamous Wazawaka, FBI Most Wanted, was sentenced to 18 months of "limited freedom". "ограничение свободы" in the Russian Federation penal code is a lesser form of criminal punishment which acts similar to house arrest in the United States.
Restrictions:
- Curfew
- Travel restrictions (cannot leave city or region)
- Contact with probationary officer for check-ins
- Social and/or employment restrictions — prohibited from visiting places such as bars, nightclubs, protests, gambling establishments
Special thanks to ddd1ms for sharing updates on the court case and providing information on the final verdict
vx-underground
Today Mikhail Matveev a/k/a "Wazawaka" a/k/a "RansomBoris" was sentenced today for ransomware-like cybercrime charges in Russia. Previously, Mr. Matveev acted as the leader of Babuk ransomware group (before shutting down the operation), was a member of Lockbit…
tl;dr makes hundreds of millions, fbi most wanted, europol most wanted, was sentenced by russian gov to 18 months of probation, cant go to bars and has to be home by 8pm
vx-underground
Employees going onto social media to express confusion over their network being hit by Qilin ransomware. Indeed, "Fun day at the office".
After this post we received a follow-up with the individual who posted this image on social media.
This person works at a small US-based car dealership. They don't have an IT department. They don't know how it happened. They were told to remain at home until otherwise specified
Today Citigroup, the 3rd largest bank in the United States, made the largest oopsie-doopsie banking typographical error in history.
Citigroup was supposed to credit a customer with $280
Citigroup instead accidentally sent the customer $81,000,000,000,000
vx-underground
Today Citigroup, the 3rd largest bank in the United States, made the largest oopsie-doopsie banking typographical error in history. Citigroup was supposed to credit a customer with $280 Citigroup instead accidentally sent the customer $81,000,000,000,000
Yes, that's 81 TRILLION dollars — more than double the entire United States debt.