vx-underground

The vx-underground Microblog is designed as a place to store vx-underground staff members thoughts, opinions, or notes. Microblog update: 2024-07-12 - Chrome COM Interface abuse potential? https://vx-underground.org/Microblog

Individuals are reporting that NullBulge, the individuals claiming responsibility for the Disney slack leak, website is suddenly offline – individuals are unable to pull the leak. tl;dr Disney has an army of lawyers (and probably nerds)

It's Friday - A Threat Actor operating under the moniker 'NullBulge' claims to have exfiltrated 1.1TiB of data from Disney's slack. Based on the information disclosed by the Threat Actor we suspect it is yet another victim of Infostealer malware. - AT&T filed an SEC 8K. In April an unknown Threat Actor exfiltrated customer calls and text interactions from October 31st, 2022 - January 2nd, 2023. It does not contain the contents of the conversations, but it includes almost every single AT&T customers phone number. - Rumors are surfacing of SquareSpace customers suffering from DNS hijacks. So far crypto-related domains are being targeted. Details are sparce – it's not certain if it's due to targeted customer compromise(s), or a SquareSpace compromise. We suspect it's targeted customers. If SquareSpace was compromised we believe more high-profile customers would be targeted.

sMelLy whY doNt u jUsT mAke a TorRenT oF tHe MalWaRe SamPleZ MOTHERFUCKER WE DID. - Has it's own category on vx-underground - Posted about for several weeks We only did it as a giant .7z to be nice to nerds who DIDN'T want to torrent. /me flips desk

Put your hands up, criminal scum. You're under arrest for violations of the United States Computer Fraud & Abuse Act, Wire Fraud, and Aggravated Identity Theft

More information on SocGholish: https://www.proofpoint.com/us/blog/threat-insight/part-1-socgholish-very-real-threat-very-fake-update

Tit4v discovered Golden Corral, the American all-you-can-eat buffet, giftcard page is attempting to deliver SocGholish malware. When visiting the page it delivers a prompt stating 'your Chrome browser is out of date'.

(we didn't contribute or help Laurie in anyway, but we subjected her to the malware hypnotoad)

No way the CEO of YouTube is giving a shoutout to the homie @lauriewired. Laurie, when you're at the Red Carpet in Hollywood, don't forget us. tl;dr malware is going mainstream. We're so back. The vx-underground malware propaganda psyop is working 😎