ransomware except in addition to encrypting data it plays a 10 hour supercut of all youtube's worst jarjar binks impressions and zingers forever until they pay
-
@catscatscats ransomware except it figures out how to make all your smoke detectors run out of batteries at the same time
@Viss aAAAAeuuugh
-
ransomware except snoops mailspools, teams and slack, then forwards threads/screenshots to regulators where people in security departments are openly laughing about having lied to make it past compliance and regulatory rules/laws
ransomware except it forces only the executive staff, from managers and up, to retake the phishing training testing over and over again, and functions as a paywall on macs and windows boxes preventing them from using their computers until they complete the training. and it spreads to their home devices, and specifically targets iphones and ipads of their kids as well
-
ransomware except it leaks c-suite and board member browser histories for the last 90 days
-
ransomware except it randomly selects 100 staff members and gives them a 5000 dollar daily bonus for every day that they follow the CEO around singing happy birthday, the song that never ends, the rebecca black friday friday song, the macarena or its a small world over and over again until the ransom is paid. the bonuses come out of the executive leadership bonus pool
-
ransomware except it just reinstalls copilot back into notepad
@Viss jesus fucking christ, there's choosing violence, and then there's *that*.
-
ransomware except it does the super 2005 era shit like rotating your windows display, or changing the keyboard layout to dvorak and occasionally displaying a qr code to a btc wallet til you pay. and it pushes that shit to the c-suite and board members first
@Viss Ah, computer pranks. Buddies and I learned so much just by pranking one another. Good times.
-
ransomware except it volunteers you to be a booth babe for whatever vendors that still use booth babes at rsa and blackhat
-
ransomware except it volunteers you to be a CEH exam proctor
-
ransomware except it signs absolutely every single person in the company who has an email address up to the elon musk fan club
-
@Viss Ah, computer pranks. Buddies and I learned so much just by pranking one another. Good times.
@TrillionB we used to pull that shit on people who left their workstations unlocked back when i was in websense tech support in like 2001
-
ransomware except it leaks c-suite and board member browser histories for the last 90 days
@Viss I would sponsor this activity
-
ransomware except that it specifically finds any machines that still have diskette drives in them and plays the mexican hat dance, the imperial march, or the mario theme on them either until their stepper motors burn out, or the ransom is paid
-
@winterknight1337 wow its been a while since i had to use a real c2. i didnt even know these were a thing! i guess ive been lolling too hard in various clouds and possessing the still-living semi-corpses of github workflows too long
@Viss they’re super nice! Only issue is that they’re written in C, so if they crash they take your payload down with it, but they’re designed to avoid cobalt strike’s fork and run behaviors. But generally speaking, it’s a stealthier way to expand C2 payloads.
-
ransomware except it signs absolutely every single person in the company who has an email address up to the elon musk fan club
@Viss oof. too far. just encrypt the drives with a randomised hash at this point.
-
ransomware except it volunteers you to be a CEH exam proctor
@Viss oh this is awful
-
ransomware except, stuxnet style, specifically looks for any computers that are interfaces to mainframes, are mainframe adjacent, or otherwise in a critical workflow path, pauses all the queues in the mainframe, empties them, then rms all the regular computers. doesnt even aim for a ransom. overwrites the bootloader with the nyancat one, except instead of a cat its the fight club bar of soap
-
@Viss oh this is awful
@winterknight1337 it gets worse

-
ransomware except that it specifically finds any machines that still have diskette drives in them and plays the mexican hat dance, the imperial march, or the mario theme on them either until their stepper motors burn out, or the ransom is paid
@Viss How about
import subprocess
import time

CMD = ["eject", "-t"]
DELAY_SECONDS = 1.0

def main():
    while True:
        try:
            subprocess.run(CMD, check=False)
        except Exception:
            # ignore errors and continue
            pass
        time.sleep(DELAY_SECONDS)

if __name__ == "__main__":
    main()
-
@Viss they’re super nice! Only issue is that they’re written in C, so if they crash they take your payload down with it, but they’re designed to avoid cobalt strike’s fork and run behaviors. But generally speaking, it’s a stealthier way to expand C2 payloads.
@winterknight1337 oh.. some shit crashing your payload you say?
and it takes down some more shit with it you say?
OH WHAT EVER DO YOU MEAN
https://github.com/EmpireProject/Empire/issues/589
-
ransomware except, stuxnet style, specifically looks for any computers that are interfaces to mainframes, are mainframe adjacent, or otherwise in a critical workflow path, pauses all the queues in the mainframe, empties them, then rms all the regular computers. doesnt even aim for a ransom. overwrites the bootloader with the nyancat one, except instead of a cat its the fight club bar of soap
@Viss we’ve got new bootloader overwrites now too!