ransomware except in addition to encrypting data it plays a 10 hour supercut of all yotubes worst jarjar binks impressions and zingers forever until they pay
-
ransomware except it does the super 2005 era shit like rotating your windows display, or changing the keyboard layout to dvorak and occasionally displaying a qr code to a btc wallet til you pay. and it pushes that shit to the c-suite and board members first
@Viss I should write bofs that do this.
-
ransomware except in addition to encrypting data it plays a 10 hour supercut of all yotubes worst jarjar binks impressions and zingers forever until they pay
@Viss http://www.g3tliv3.com/ like from archer lol
-
ransomware except it only specifically targets aws, azure and gcp environments that are using tagging, thinking that coutns as network segmentation
ransomware except snoops mailspools, teams and slack, then forwards threads/screenshots to regulators where people in security departments are openly laughing about having lied to make it past compilance and regulatory rules/laws
-
@Viss I should write bofs that do this.
@winterknight1337 bofs?
-
@Viss beacon object files.
-
@Viss http://www.g3tliv3.com/ like from archer lol
@bosh oh i built that. dude - curl hax.lol and leave the default user agent
-
ransomware except in addition to encrypting data it plays a 10 hour supercut of all yotubes worst jarjar binks impressions and zingers forever until they pay
@Viss Gaah! Isn't that against the Geneva Convention?
-
@Viss beacon object files.
@winterknight1337 oh! hmmmm.. i think we'd need to develop the proper stagers, cuz you gotta know stuff about your targets to land this shit. or we could dev out a new blackhole exploit kit that does it all?
-
@winterknight1337 oh! hmmmm.. i think we'd need to develop the proper stagers, cuz you gotta know stuff about your targets to land this shit. or we could dev out a new blackhole exploit kit that does it all?
@Viss pretty much any reasonably decent C2 can execute them now, even metasploit does!
-
@bosh oh i built that. dude - curl hax.lol and leave the default user agent
@bosh the zip it fetches and installs is an osx screensaver that does exactly that animation, which was formerly the shodan 404 for a while. i wrote it during a gig we got hired for at a large financial in sf way back when. it was the 'harmless payload' we deployed when we discovered a bunch of display machines were using a shared ssh key, and i wanted some theatrics around showing how it could be abused
-
ransomware except it signs you up to every mailing list for every vendor at rsa with your personal mobile phone and resubscribes you every 24 hours using mail aliases til you pay
@Viss You realize that this will result in the finale of The Boondock Saints, yeah?
-
@bosh oh i built that. dude - curl hax.lol and leave the default user agent
@Viss somehow the gif from the show is not readily findable so i used a variant link lol
-
ransomware except it just leaks the mailspools of the c suite instead of encrypting anything
@Viss Call it BOFH.
-
ransomware except it just reinstalls copilot back into notepad
@Viss ransomware except it just constantly resets all of your smart bulbs to that flashing setup state?
-
ransomware except the only thing it encrypts is that absolutely gargantuan landfill fileshare you have where everyone puts their shit and theres no permissions model and everyone can see everything, so its the companies giant junk drawer
@Viss Landfill file share. I'll have to keep that turn of phase in mind.
-
@Viss pretty much any reasonably decent C2 can execute them now, even metasploit does!
@winterknight1337 wow its been a while since i had to use a real c2. i didnt even know these were a thing! i guess ive been lolling too hard in various clouds and posessing the still-living semi-corpses of github workflows too long
-
ransomware except snoops mailspools, teams and slack, then forwards threads/screenshots to regulators where people in security departments are openly laughing about having lied to make it past compilance and regulatory rules/laws
@Viss Call it Rabid Weasel. As in "turned on them like a."
-
@Viss Landfill file share. I'll have to keep that turn of phase in mind.
@drwho i used to call it an ocean of fileshare, but in my experience they're mostly trash anyway, so ... landfill fileshare.
-
@Viss ransomware except it just constantly resets all of your smart bulbs to that flashing setup state?
@catscatscats ransomware except it figures out how to make all your smoke detectors run out of batteries at the same time
-
ransomware except it just changes all the creds to all your switches, routers and firewalls
@Viss This has no impact to a large number of businesses who don't know them anyways.
