The largest collection of malware source code, samples, and papers on the internet.
Password: infected
(unofficial, this is a bot! Maintained by a private individual, the bot can't handle retweets or replies, support soonish)
vx-underground (automated mirror)
Loading...
lengthy threads because sometimes people don't see the thread in totality.
Anyway, good luck nerds
If you want updates on the Axios supply chain attack I recommend monitoring these people's posts:
- @dez_
- @feross
- @ramimacisabird
- @_JohnHammond
These four seem to be on top of it. People are also commenting on their posts and sharing information.
I was initially sharing
information I saw on the Axios supply chain as fast as I could. However, I keep seeing some conflicting information and I don't want to accidentally spread incorrect or outdated information to a large audience.
X does not provide a way to easily edit posts, and I don't like making
poking this Axios stuff with a stick, it appears at first glance this is a cryptocurrency stealer. However, we need more information still.
contributor
- Changed email to their account to a disposable Proton email
- Two Axios versions impacted
- Attackers used a GoDaddy (???) domain to exfiltrate information
- Domain is already dead
- Unless malware has backup domain stuff in place, malware is now dead
- The malware
Cybersecurity nerds this week after experiencing 50 supply chain attacks last week
Axios supply chain attack information is fucking exploding right now.
In the cybersecurity scene right now you can hit refresh every second and see new information on the Axios supply chain attack
Nerds are bugging out
Preliminary information confirmed:
- Compromised a key Axios GitHub
inserted into Axios works on Windows, Mac, and Linux. Each OS gets a different malware
- Initially marked as GhostLoader campaign (heavy code overlap)
- Large Cyber Threat Intelligence firms speculating this was performed by Lazarus Group (North Korean government)
While nerds are still
