ransomware except in addition to encrypting data it plays a 10 hour supercut of all youtube's worst jarjar binks impressions and zingers forever until they pay
ransomware except it turns on 2fa for you and doesnt give you the recovery email or codes til you pay
ransomware except it ioncube encrypts your wordpress blog and posts nothing but the most cringe, embarrassing memes from 9gag every hour til you pay
ransomware except it signs you up to every mailing list for every vendor at rsa with your personal mobile phone and resubscribes you every 24 hours using mail aliases til you pay
ransomware except it uses hacked openclaw instances and stolen elevenlabs api keys to text-to-speech all new posts on moltbook.com/m/blesstheirhearts, then call you in random intervals 1-15 mins and read them to you aloud on every platform, starting with discord, then signal, then teams then eventually going to mobile phone. then hires bike messenger types to come ring your doorbell and read them to you in person telegram style
ransomware except it just leaks the mailspools of the c suite instead of encrypting anything
ransomware except it creates an ooo responder in o365 that has a btc address in it, a link to a nonexistent onlyfans page and a footer with a lobster emoji and text that says 'sent from my openclaw'
ransomware except it targets twitter users and posts as them advertising cryptoscams, feet pics and starts flamewars with super angry political nutbags
ransomware except it does the super 2005 era shit like rotating your windows display, or changing the keyboard layout to dvorak and occasionally displaying a qr code to a btc wallet til you pay. and it pushes that shit to the c-suite and board members first
ransomware except it just reinstalls copilot back into notepad
ransomware except it just changes all the creds to all your switches, routers and firewalls
ransomware except the only thing it encrypts is that absolutely gargantuan landfill fileshare you have where everyone puts their shit and theres no permissions model and everyone can see everything, so its the company's giant junk drawer
ransomware except it only specifically targets aws, azure and gcp environments that are using tagging, thinking that counts as network segmentation
ransomware except snoops mailspools, teams and slack, then forwards threads/screenshots to regulators where people in security departments are openly laughing about having lied to make it past compliance and regulatory rules/laws
ransomware except it forces only the executive staff, from managers and up, to retake the phishing training testing over and over again, and functions as a paywall on macs and windows boxes preventing them from using their computers until they complete the training. and it spreads to their home devices, and specifically targets iphones and ipads of their kids as well
ransomware except it leaks c-suite and board member browser histories for the last 90 days
ransomware except it randomly selects 100 staff members and gives them a 5000 dollar daily bonus for every day that they follow the CEO around singing happy birthday, the song that never ends, the rebecca black friday friday song, the macarena or its a small world over and over again until the ransom is paid. the bonuses come out of the executive leadership bonus pool
ransomware except it volunteers you to be a boothbabe at whatever vendors that still use booth babes at rsa and blackhat
ransomware except it volunteers you to be a CEH exam proctor
ransomware except it signs absolutely every single person in the company who has an email address up to the elon musk fan club
ransomware except that it specifically finds any machines that still have diskette drives in them and plays the mexican hat dance, the imperial march, or the mario theme on them either until their stepper motors burn out, or the ransom is paid
ransomware except, stuxnet style, specifically looks for any computers that are interfaces to mainframes, are mainframe adjacent, or otherwise in a critical workflow path, pauses all the queues in the mainframe, empties them, then rms all the regular computers. doesnt even aim for a ransom. overwrites the bootloader with the nyancat one, except instead of a cat its the fight club bar of soap

h/t @da_667

https://infosec.exchange/@da_667/116291164722073458

malware except it only infects networking appliances that can make pc speaker beeps and boops and forces them to loop through a cacophony of all the shit we used to play on the pc speaker as kids.
mario, doom music, heretic music, descent, star wars, various shit from the mod days

@Viss How about

import subprocess
import time

CMD = ["eject", "-t"]
DELAY_SECONDS = 1.0

def main():
    while True:
        try:
            subprocess.run(CMD, check=False)
        except Exception:
            # ignore errors and continue
            pass
        time.sleep(DELAY_SECONDS)

if __name__ == "__main__":
    main()

@Viss did you see master boot record? I feel like I've sent you them before or you might have seen them

@Viss

Ransomware that forces your browser to open a random overdue jira story and assigns to you just before the daily

No wait, I just described a project manager

@Viss oof. too far. just encrypt the drives with a randomised hash at this point.
@Viss I'll fork it to make it even worse. Not only do you get signed up for the Elmo fan club, you'll also get texted a different photo of Ian Miles Cheong every day.
@Viss please, for your own mental health, don't attempt to visualize what this might be like.

@Viss proctor is the easy part. It’s just standard proctoring.

Now, ask me to teach that material? HELL NO

@Viss I would sponsor this activity
@Viss Call it Rabid Weasel. As in "turned on them like a."
@Viss I can only imagine how many intelligence agencies are now begging for you to work for them, almost all of these would make the world burn.......
@madengineering i have a rate card for them, if theyre creeping (they prolly are). i'd run a fun think tank, i wager
@Viss Landfill file share. I'll have to keep that turn of phrase in mind.
@drwho i used to call it an ocean of fileshare, but in my experience they're mostly trash anyway, so ... landfill fileshare.
@Viss This has no impact to a large number of businesses who don't know them anyways.
@Viss ransomware except it just constantly resets all of your smart bulbs to that flashing setup state?
@catscatscats ransomware except it figures out how to make all your smoke detectors run out of batteries at the same time
@Viss jesus fucking christ, there's choosing violence, and then there's *that*.
@Viss I should write bofs that do this.
@Viss beacon object files.
@winterknight1337 oh! hmmmm.. i think we'd need to develop the proper stagers, cuz you gotta know stuff about your targets to land this shit. or we could dev out a new blackhole exploit kit that does it all?
@Viss pretty much any reasonably decent C2 can execute them now, even metasploit does!
@winterknight1337 wow its been a while since i had to use a real c2. i didnt even know these were a thing! i guess ive been lolling too hard in various clouds and possessing the still-living semi-corpses of github workflows too long
@Viss they’re super nice! Only issue is that they’re written in C, so if they crash they take your payload down with it, but they’re designed to avoid cobalt strike’s fork and run behaviors. But generally speaking, it’s a stealthier way to expand C2 payloads.

@winterknight1337 oh.. some shit crashing your payload you say?

and it takes down some more shit with it you say?

OH WHAT EVER DO YOU MEAN
https://github.com/EmpireProject/Empire/issues/589

Python Agent: Emoji in command responses breaks the agent · Issue #589 · EmpireProject/Empire

@winterknight1337 someone, i dont remember who, made this after that, and it has been the wallpaper of my old crusty mac ever since.
@Viss Ransomware except it sends burglars after they had Taco Bell to clog your toilets while you’re not at home
@Viss so, just company mandated AI?
@quinn im kinda surprised the existing company mandated ai hasnt pulled any of this shit yet
@Viss *that we know of
@quinn true. they wouldnt disclose
@Viss from a bus. @60mph.
@h2onolan they tag your house with spraypainted qr codes that resolve to old 4chan memes that nobody knows anymore, like duckroll