Hello,
Soon I will be off-loading our vx-underground merch stuff to 1336_0ff_by_0ne.
1. Bradley primarily handled merchandise stuff. Unfortunately, Bradley isn't really around anymore due to sickness in his family. His father is terminally ill (sort of, long story), and Bradley is working a full-time job while also taking care of his father. Bradley is a real muthafuckin G, works his fuckin' ass off, and takes care of his family. I love him.
2. I do malware paper collections, malware sample collections, social media posts, ... pretty much everything related to vx-underground. I also do weird dumb goofy shit like spend 16 hours poking Microsoft Copilot with a stick. I also (also) do this while working full-time and having a family. I do not possess the energy to deal with merchandise stuff.
3. 1336 0ff by 0ne is amazing. He does everything by hand (making the merchandise) and he also does the artwork by himself. He's a fucking genius and I love his work.
My plan is to basically offload all vx-underground merchandise to him, with him keeping a majority of the profit and myself only getting some pennies, or something. Our current deal with Shopify doesn't give us shit anyway. We make like, $1 off a shirt. If we use 1336 0ff by 0ne then at least someone cool is making money and not some slimy fuck in a suit.
Ideally, if I offload this merchandise stuff to 1336 0ff by 0ne we can have cool stuff happen such as:
1. I no longer have to deal with merchandise stuff; I'm busy.
2. 1336 0ff by 0ne gets more business. We get some merchandise sales so hopefully people will think his merchandise is cool and badass and he makes some money too.
Look at his Emotet and Lockbit malwear* merchandise. It's cool and badass.
❤59🥰11🔥5🤣4😢1
Today an old acquaintance of mine died. He and I were not close by any means. He was a family member of a friend.
The older I get, the more dead people I know.
I've lost a lot of friends, family, and acquaintances over the past 3 decades.
A majority of the deaths have been due to the influence of drugs or alcohol.
I know many of you younger people think (whether you acknowledge it or not) that you're invincible or "it wouldn't happen to me", but I cannot stress this enough: don't fuck around with drugs or alcohol.
"So when the devil wants to dance with you, you better say never, because a dance with the devil might just last you forever"
😢144❤40🫡38💯5🤣2
I cannot keep track of the number of deceased I know. It's pretty high and it grows each year.
Off the top of my head:
- 4 Dead from drunk driving
- 1 Overdose
- 3 Suicides (addicted to drugs)
- 2 Dead from medical complications from alcohol
😢123🫡47❤12🙏6💯4😁3🤯2😇2🔥1
My least favorite thing about doing malware stuff is the absolutely deranged malware conspiracy theories.
I can't tell if it's mental illness, or the result of being terminally online, or ignorance, or all of the above.
I get messages from people writing about cross-platform metamorphic multi-staged information stealers abusing 0day exploits in image compression software which is delivered from Bruce Springsteen eBay listings.
You need to get off the computer, dawg
😁50🤣21🥰7❤3🔥2🤓2😢1
SCHMEELLY I THINK THE GOVERNMENT PUT A RAT IN MY PHONE
Dawg, you play Diablo and piss in empty soda cans. The government does NOT give a fuck about you.
🤣75🥰14❤9👍4🤔2😱2😢1🤓1😇1🤝1
Might not work this week. In the United States it is a holiday called "Thanksgiving".
According to our educational institutions when we were like, 6 years old, Thanksgiving is a day on which we celebrate English settlers and the indigenous Native Americans sitting down and eating a lovely meal.
It is symbolic of the unity of English settlers who escaped tyranny, or something, and then befriended the indigenous people of the Americas. It is a day we share thanks and give, or whatever.
We later learn this is romanticized and partially incorrect. We also later learn in our educational institutions what followed this lovely meal was famine, war, disease, and anything else horrible you can fathom.
Despite virtually every single person in the United States acknowledging this is a romanticized myth, we still celebrate it because it's another reason to burn money and drive ourselves deeper in debt.
Following this, people do "Black Friday". Black Friday is a day where we worship our billionaire oligarchs and beg them for discounts and scraps of goods they no longer intend to sell at regular retail value.
Our billionaire overlords have been so pleased with this that the "Black Friday" event has now been extended for several days, as long as a week by some retailers, to ensure maximum exploitation of not only consumers but seasonal employees.
❤70🤓18🤣15👍8💯8🔥3🥰3😢3🫡3❤🔥1😁1
If you want to learn more about malware, the easiest method is learning malware TTPs (Tactics, Techniques and Procedures). Basically, understand some of the techniques employed by malware authors to do stuff.
Some malware techniques are simple and old.
Some malware techniques are incredibly sophisticated.
What you'll notice though with malware TTPs is each TTP is a "stepping stone". For example, the most advanced evasion techniques often stem from the most basic of evasion techniques.
Research and improvements on malware don't come from nowhere. Each technique comes from standing (metaphorically) on the work of others.
Malware TTPs are broken down kind of subjectively. They're hard to categorize. MITRE is the industry standard for malware TTPs, but even then there is some debate on the effectiveness of it.
By effectiveness I mean, if you have a simple malware technique that is slightly modified, is it the same malware technique? Is it a whole new category? How many "modifications" until it has its own entry? It's just debating classification.
For Windows malware, however, malware is defined as something along the lines of:
1. How was it delivered to the machine?
2. How many "chains" or "stages" or "redirects" were performed until the payload was detonated?
3. How was the payload detonated?
4. Is the payload persistent?
5. What was the objective of the malware?
On missiles and stuff, the part that explodes is the payload. It is the same concept with malware. The actual malicious code that does the malicious stuff is the payload.
With chains, or redirects, or stages, ... modern malware is often not as simple as someone double-clicking a .exe and the payload detonating. While this is true for common malware, more sophisticated malware will often jump through a series of hoops until the actual payload is detonated.
For example, more sophisticated malware may send a malicious email attachment that is a .Lnk file (shortcut file). When the user double-clicks the .Lnk file, the .Lnk file may download a .zip file. The .Lnk file will extract the .zip, which will contain a malicious .JS file. The .Lnk file will execute the .JS file.
The .JS file will delete the .Lnk and .zip. The .JS file will then generate a .PS1 script and execute it. The .PS1 file will delete the .JS file and download a .exe file. The .exe file will then download a .dll file. The .DLL is the payload.
1. Lnk downloads .zip
2. Lnk extracts zip
3. Lnk runs .JS
4. JS deletes .Lnk
5. JS deletes .zip
6. JS makes .ps1
7. ps1 downloads .exe
8. ps1 deletes .JS
9. .exe downloads .DLL
10. .exe runs .DLL payload
The reason malware does this is because it makes it difficult for antivirus software to identify the final payload. Researchers will need to reconstruct the series of events which led to the payload delivery. Additionally, malware authors may modify the chaining at any given moment to make detection much more difficult.
Okay, that's enough schizo ranting for now.
🥰65❤25🫡13😁4🔥2😢1💯1🤝1
Sometimes I still think about how zhangsansec hacked our website.
He found the silliest bug.
The bug allowed him to arbitrarily upload, download, edit, and delete files. He couldn't modify any website code, but he had the ability for a brief moment in time to destroy our entire archive.
When he discovered the exploit he notified us via DM. He didn't ask for anything in return. He didn't want a bug bounty. He shared his thoughts on where he believed the bug was on our side.
After he reported the vulnerability and confirmed we fixed it, ... he disappeared.
This guy is a fucking badass. Who the fuck was that absolute chad? Bro hacked our shit for the love of the game and as a meme ... then just left???
🫡124❤🔥28❤8🥰8🤝4🤔3💯3🤓3👍1😢1
Hi,
I will begin doing giveaways soon for the holiday season. This will be our third year doing giveaways.
This year I'll be giving away significantly less stuff because I have a baby and he doesn't respect anything except milk, food, pooping, and sleep.
Regardless, I still have lots of cool stuff to give away.
I'll be doing giveaways from cyberwarfarelab, CCGCyberWorld, HCAdamSec, ddd1ms, and some stuff from myself personally out-of-pocket. I forgot to harass more people for free stuff. I'm sure someone will come around.
For those new: each holiday season I give away a bunch of educational cybersecurity and/or information technology stuff. It's for anyone.
tl;dr cats r cool
❤146❤🔥26🥰14🎉6👍3😢1
If you had to choose between never seeing your family ever again or never being able to get on the internet ever again
Which website would you visit once your family is gone forever?
🤣172🥰27😁19😱8❤5🤓5💯3🔥2😢2🤔1
In like, 2020 I read this paper from 2006 about a malware keylogging idea. It was briefly discussed on forums and some cybersecurity conventions.
No one ever produced code for the idea.
Every few months I return back to the idea and poke around for a bit.
I have no idea why I've been obsessed with this idea for FIVE FUCKING YEARS. Regardless, today after poking around some more I think I finally figured it out.
🤯48🎉11❤9🤓6🥰2😢1
It's not even like, super cool or 1337. It's just something that's been bugging me for years. I was annoyed that no one produced code for it and I didn't get it working. It was like an itch I couldn't get to go away.
🥰42🤣9👍3❤2😢1
I haven't returned to the idea in so long I didn't realize these nerds kind of did it. It's not a full POC, but it's close to what I've been toying with for a while.
https://www.praetorian.com/blog/leveraging-microsoft-text-services-framework-tsf-for-red-team-operations/
❤27🥰5🔥1😢1