OnlyMalware is a community for malware writers who want to discuss nothing but malware writing because they are all slowly descending into madness.

Discord invite link: https://discord.gg/onlymalware

Any nerd behind a computer can make a ransom group. But, how many can make a handsome group?

We have located a cold war era nuclear bomb shelter for sale.

It is $100,000.

New fundraiser for vx-underground HQ 😎

In a post-apocalyptic society the only thing remaining will be cockroaches and vx-underground

We have been gifted 5 licenses to Malcat standard edition. If you're interested in a license of Malcat, leave a comment on our tweet =D

Malcat is a new binary analysis software. More information: https://malcat.fr

https://twitter.com/vxunderground/status/1655536899237511168

We are excited to announce some winners have been chosen from the vx-underground x SentinelOne malware research challenge.

Winners will be announced soon.

Nerds will win swag, entries on the SentinelOne site, the vx-underground site, and 1 nerd gets a Macbook Pro.

A new potential replacement to Breached has exploded in popularity. Interestingly, unlike Breached, they did not allow attacks against Russia.

Also, the logo they use is interesting.

The new Windows 11 boot screen looks really good

We've updated the VXUG Windows malware paper collection

-2017-09-19 - Abusing Delay Load DLLs for Remote Code Injection
-2021-01-24 - LSASS Memory Dumps are Stealthier than Ever Before Part 1 & 2
-2023-04-17 - An in-depth look at the Golang Windows calls

https://www.vx-underground.org/windows.html

We've updated the vx-underground AV Tech paper collection

- 2023-04-19 - Demonstrating monitoring abnormal syscalls with ETW
- 2023-04-27 - The Art of Clipboard Forensics Recovering Deleted Data

Check it out here: https://www.vx-underground.org/malware_defense.html

vx-underground will be 4 years old soon

We've updated the vx-underground Windows malware paper collection

- 2022-09-14 - Myths About External C2
- 2022-10-18 - Fantastic Rootkits And Where to Find Them Part 1 & 2
- 2023-05-03 - Exploring Impersonation through the Named Pipe Filesystem Driver

https://www.vx-underground.org/windows.html

An individual informed us they executed a malware sample from our repository on their host OS because they believed the malware sample was disarmed (?).

We do not know what this means.

Please exercise caution when handling malware.

Cheers,

Everyone was once a beginner - we understand this and speak with students often. However, for your own safety, if you are not 100% sure what you're doing, it is best to treat everything on vx-underground as nuclear waste.

Have a nice day.

An unknown Threat Actor claims to have breached and exfiltrated data from Dragos

Windows 11 Insider now includes portions of the Windows kernel written in Rust. Our initial questions:

What percentage of this utilizes unsafe blocks?

Why is it so much smaller? (thats what she said haha gottem)

We've updated the vx-underground malware sample collection

- Bazaar.2023.04
- Virusshare.00469
- InTheWild.0070
- 67,277 new malicious binaries

Thanks to petikvx for the samples <3

Check it out here: https://samples.vx-underground.org/samples/Blocks/

We have more than 40,000,000 malware samples. We have pulled thousands of APT samples, malware family samples, and generic malware samples for free. It is a daily grind to keep things updated

Please consider donating or buying merch to support us.

Thank you and have a nice day.