This media is not supported in your browser
VIEW IN TELEGRAM
> post about vuln billion dollar Italian company
> ppl say italy wont care
> italy gov contacts me
> ubisoft hacked and bamboozled
> tarkov auth bypass bamboozles
> trustwallet users drained of $9m on christmas
> more i cant say yet
Another day of internet schizophrenia.
> ppl say italy wont care
> italy gov contacts me
> ubisoft hacked and bamboozled
> tarkov auth bypass bamboozles
> trustwallet users drained of $9m on christmas
> more i cant say yet
Another day of internet schizophrenia.
π₯°107β€21π13π3
vx-underground
Clarification post, previous post about Ubisoft lead to some confusion. That's my fault. I'll be more verbose. I was trying to compress the information into 1 singular post without it exceeding the word limit. Here's the word on the internet streets: - THEβ¦
On today's episode of Dragon Ball Z
The FIRST GROUP is laying low after gifting everyone on Rainbow Six Siege $339,000,000,000,000 worth of in-game currency.
The SECOND GROUP has been having some conflicts with people on THE INTERNET. The story has changed. Initially I shared this group had compromised an internal Git repository, or something, and had stolen internal source code. Word is now that this was A LIE (or exaggeration) and they do not have as much material as they shared.
The THIRD GROUP is LYING. They did NOT compromise Ubisoft customer data (to the best of my knowledge) and they're trying to scare and intimidate Ubisoft or Ubisoft employees because ???
The FOURTH GROUP is also kind of laying low. They assert GROUP TWO is a bunch of jerks. Basically, to reiterate, the FOURTH GROUP thinks GROUP TWO has had some source code to Ubisoft for awhile BUT thinks GROUP TWO is trying to hide behind GROUP ONE and basically frame them, or something, I don't know.
There's also a bunch of IMPOSTER GROUP TWOs on the internet now. They are people lying trying to impersonate extortionists ... because ... don't understand why.
Will GROUP ONE let me talk more about how they bamboozled Ubisoft? Will GROUP ONE keep ignoring my DMs? Will GROUP TWO show more proof about their data exfiltration other than "cmon bro"? Will GROUP FOUR continue to have beef with GROUP TWO? Who is GROUP THREE and why did they lie about compromising Ubisoft customer data? Why are there now IMPOSTER GROUP THREE people?
Find out next time on Dragon Ball Z
The FIRST GROUP is laying low after gifting everyone on Rainbow Six Siege $339,000,000,000,000 worth of in-game currency.
The SECOND GROUP has been having some conflicts with people on THE INTERNET. The story has changed. Initially I shared this group had compromised an internal Git repository, or something, and had stolen internal source code. Word is now that this was A LIE (or exaggeration) and they do not have as much material as they shared.
The THIRD GROUP is LYING. They did NOT compromise Ubisoft customer data (to the best of my knowledge) and they're trying to scare and intimidate Ubisoft or Ubisoft employees because ???
The FOURTH GROUP is also kind of laying low. They assert GROUP TWO is a bunch of jerks. Basically, to reiterate, the FOURTH GROUP thinks GROUP TWO has had some source code to Ubisoft for awhile BUT thinks GROUP TWO is trying to hide behind GROUP ONE and basically frame them, or something, I don't know.
There's also a bunch of IMPOSTER GROUP TWOs on the internet now. They are people lying trying to impersonate extortionists ... because ... don't understand why.
Will GROUP ONE let me talk more about how they bamboozled Ubisoft? Will GROUP ONE keep ignoring my DMs? Will GROUP TWO show more proof about their data exfiltration other than "cmon bro"? Will GROUP FOUR continue to have beef with GROUP TWO? Who is GROUP THREE and why did they lie about compromising Ubisoft customer data? Why are there now IMPOSTER GROUP THREE people?
Find out next time on Dragon Ball Z
π€£98π₯8β€6π₯°5
I'm trying to notify this Web3 startup company they have a pretty severe vulnerability in one of their products.
The CEO of the company advertises his Telegram handle, but trying to contact him he charges $1.49 per message sent to him
Dude what the fuck?
The CEO of the company advertises his Telegram handle, but trying to contact him he charges $1.49 per message sent to him
Dude what the fuck?
π€£182π19β€6π6π₯4π€―2π«‘2π―1
I have a bunch of people from India being mean to me because I wrote the Insider Threats that hurt some companies were worked off-shored to India
What do you want me to do? Lie? It's objectively true. I'm sorry large companies exploit your country, dawg
What do you want me to do? Lie? It's objectively true. I'm sorry large companies exploit your country, dawg
π€£154π―29π₯°7π€4β€3π1π1π1π’1
Chat, we've solved the mystery of the Ubisoft Rainbow Six Siege incident. Unfortunately, I cannot go too deep into details (yet), but it is very silly.
Okay, we have FIVE GROUPS of people now.
GROUP ONE - Responsible for the Rainbow Six Siege incident, they gave away $339,000,000,000 worth of in-game currency and caused chaos. They're now sort of laying low.
GROUP TWO - Claims to have Ubisoft source code. They claimed it was from MongoBleed. This has been proven to be A LIE. However, they DO have internal things from Ubisoft. They lied how they achieved it (read more, GROUP FIVE)
GROUP THREE - Has been lying on Telegram claiming to have compromised Ubisoft. They're using fake data to try to intimidate Ubisoft, and Ubisoft customers, to pay them money. They're all lying.
GROUP FOUR - Very critical of GROUP TWO, calls GROUP TWO LIARS. GROUP FOUR says GROUP TWO is trying to bamboozle GROUP ONE
GROUP FIVE - GROUP FIVE appeared today and presented a comprehensive breakdown on the Ubisoft Rainbow Six Siege (and other) conflicts. GROUP FIVE illustrated step by step how all actions were performed. GROUP FIVE unveiled exactly how GROUP TWO managed to get access to Ubisoft internals (with photographic evidence). GROUP FIVE also provided code demonstrating how GROUP ONE did many things as well other things not reported. GROUP FIVE has a big swinging dick and isn't fucking around. GROUP FIVE is pretty hardcore, not even memeing. They're very intelligent and calculated in what they say and do. GROUP FIVE (probably) make and sell cheats for Ubisoft soft games and are very talented reverse engineers.
Ubisoft is well aware of GROUP ONE, GROUP TWO, GROUP FOUR, and GROUP FIVE. GROUP FIVE also provided a comprehensive breakdown on how Ubisoft knows things.
All of the groups listed, except GROUP THREE, know each other and operate loosely together, in some capacity, it's basically a hardcore community of gaming Ubisoft nerds.
Don't worry, Ubisoft, I'll keep your secrets safe. You and I (your company) probably understand what I'm referencing in this post.
GROUP FIVE has promised to do a write-up and technical breakdown at a later time which I can share publicly. However, they will not do it yet because of some stuff happening between GROUP ONE and GROUP TWO.
The anime saga has concluded.
Okay, we have FIVE GROUPS of people now.
GROUP ONE - Responsible for the Rainbow Six Siege incident, they gave away $339,000,000,000 worth of in-game currency and caused chaos. They're now sort of laying low.
GROUP TWO - Claims to have Ubisoft source code. They claimed it was from MongoBleed. This has been proven to be A LIE. However, they DO have internal things from Ubisoft. They lied how they achieved it (read more, GROUP FIVE)
GROUP THREE - Has been lying on Telegram claiming to have compromised Ubisoft. They're using fake data to try to intimidate Ubisoft, and Ubisoft customers, to pay them money. They're all lying.
GROUP FOUR - Very critical of GROUP TWO, calls GROUP TWO LIARS. GROUP FOUR says GROUP TWO is trying to bamboozle GROUP ONE
GROUP FIVE - GROUP FIVE appeared today and presented a comprehensive breakdown on the Ubisoft Rainbow Six Siege (and other) conflicts. GROUP FIVE illustrated step by step how all actions were performed. GROUP FIVE unveiled exactly how GROUP TWO managed to get access to Ubisoft internals (with photographic evidence). GROUP FIVE also provided code demonstrating how GROUP ONE did many things as well other things not reported. GROUP FIVE has a big swinging dick and isn't fucking around. GROUP FIVE is pretty hardcore, not even memeing. They're very intelligent and calculated in what they say and do. GROUP FIVE (probably) make and sell cheats for Ubisoft soft games and are very talented reverse engineers.
Ubisoft is well aware of GROUP ONE, GROUP TWO, GROUP FOUR, and GROUP FIVE. GROUP FIVE also provided a comprehensive breakdown on how Ubisoft knows things.
All of the groups listed, except GROUP THREE, know each other and operate loosely together, in some capacity, it's basically a hardcore community of gaming Ubisoft nerds.
Don't worry, Ubisoft, I'll keep your secrets safe. You and I (your company) probably understand what I'm referencing in this post.
GROUP FIVE has promised to do a write-up and technical breakdown at a later time which I can share publicly. However, they will not do it yet because of some stuff happening between GROUP ONE and GROUP TWO.
The anime saga has concluded.
π59β€30π₯°14π€9π8π₯2
vx-underground
Chat, we've solved the mystery of the Ubisoft Rainbow Six Siege incident. Unfortunately, I cannot go too deep into details (yet), but it is very silly. Okay, we have FIVE GROUPS of people now. GROUP ONE - Responsible for the Rainbow Six Siege incident, theyβ¦
Oh, and for the record, GROUP FIVE only appeared because they were annoyed GROUP TWO lied about getting data as a result of MongoBleed. They only came toward to dispell rumors and tell the other nerds to shut up
π€£83π₯°7π5β€3
I saw KlezVirus do a write-up on callback abuse. I had this really silly idea of taking his proof-of-concept but nesting his proxy callbacks between nested callbacks from callbacks
Replace the printf stuff with malicious stuff or more callbacks
https://pastebin.com/raw/WeNbbkzv
Replace the printf stuff with malicious stuff or more callbacks
https://pastebin.com/raw/WeNbbkzv
β€35π₯°5π€―4π2
vx-underground
I saw KlezVirus do a write-up on callback abuse. I had this really silly idea of taking his proof-of-concept but nesting his proxy callbacks between nested callbacks from callbacks Replace the printf stuff with malicious stuff or more callbacks https://β¦
This is an absolutely absurd and silly idea. I don't even know the applicability and evasiveness behind it, but it's so outrageous it makes me giggle
β€33π₯5π₯°4π4π€1
I've had a few posts break past 70k likes, 80k likes, and even 100k likes.
Chat, have we broken the malware cement ceiling? Are we bringing malware to the masses?
We're making malware cool and badass by a combination of malware sprinkled with pictures of kitty cats
Chat, have we broken the malware cement ceiling? Are we bringing malware to the masses?
We're making malware cool and badass by a combination of malware sprinkled with pictures of kitty cats
π₯°85β€24π16π―5π4π’1π€1
vx-underground
Some nerds identified a cybersecurity company based out of Asia with all these awards listed on their site. They list all these fancy certifications, their industry partners, etc. They vibe coded their website. It's incorrectly configured and API keys areβ¦
THEY ADVERTISE THEMSELVES AS EXPERTS IN WEB SECURITY
π₯°83π€£49β€11π€7π5π₯3π2π―2π€―1π1π1
Exploring more stuff with callback abuse.
I have no idea what I'm doing. This code is such a pain in the ass to write. It's an ugly bastard.
https://pastebin.com/raw/Z5cJ30AR
I have no idea what I'm doing. This code is such a pain in the ass to write. It's an ugly bastard.
https://pastebin.com/raw/Z5cJ30AR
β€38π10
Good news for malware nerds: I've added more malware to vx-underground
Bad news for malware haters: I've added more malware to vx-underground
I haven't made an update page yet though because I'm doing other stuff. I'm very busy (I'm coding and looking at cat memes)
Bad news for malware haters: I've added more malware to vx-underground
I haven't made an update page yet though because I'm doing other stuff. I'm very busy (I'm coding and looking at cat memes)
β€78π₯°16π€13π₯5π―3π2π€©1
This media is not supported in your browser
VIEW IN TELEGRAM
π€£75π₯°17π₯6π―5β€2