We've updated the vx-underground AV Tech paper collection

- 2023-04-19 - Demonstrating monitoring abnormal syscalls with ETW
- 2023-04-27 - The Art of Clipboard Forensics Recovering Deleted Data

Check it out here: https://www.vx-underground.org/malware_defense.html

vx-underground will be 4 years old soon

We've updated the vx-underground Windows malware paper collection

- 2022-09-14 - Myths About External C2
- 2022-10-18 - Fantastic Rootkits And Where to Find Them Part 1 & 2
- 2023-05-03 - Exploring Impersonation through the Named Pipe Filesystem Driver

https://www.vx-underground.org/windows.html

An individual informed us they executed a malware sample from our repository on their host OS because they believed the malware sample was disarmed (?).

We do not know what this means.

Please exercise caution when handling malware.

Cheers,

Everyone was once a beginner - we understand this and speak with students often. However, for your own safety, if you are not 100% sure what you're doing, it is best to treat everything on vx-underground as nuclear waste.

Have a nice day.

An unknown Threat Actor claims to have breached and exfiltrated data from Dragos

Windows 11 Insider now includes portions of the Windows kernel written in Rust. Our initial questions:

What percentage of this utilizes unsafe blocks?

Why is it so much smaller? (thats what she said haha gottem)

We've updated the vx-underground malware sample collection

- Bazaar.2023.04
- Virusshare.00469
- InTheWild.0070
- 67,277 new malicious binaries

Thanks to petikvx for the samples <3

Check it out here: https://samples.vx-underground.org/samples/Blocks/

We have more than 40,000,000 malware samples. We have pulled thousands of APT samples, malware family samples, and generic malware samples for free. It is a daily grind to keep things updated

Please consider donating or buying merch to support us.

Thank you and have a nice day.

Our new merch shop is https://vx-underwear.org.

That is not a joke. We did a poll and you degenerates overwhelmingly supported vx-underwear as the domain name.

This is your fault.

RIP sock accounts and parked Twitter handles

You can bring a horse to water but you can't make it learn C++

We are now the proud owner of your favorite initial access method

The source code to VMProtect has been leaked online. Individuals who reviewed the files noted some key files are missing. However, a good portion of it appears to be present.

It originated from a Chinese forum. The original thread has now been deleted.

Users are reporting some unusual Twitter bugs.

Or vx-underground tweets are bookmarked on an intergalactic level.

Individuals in France are having problems accessing Telegram links. When they try to visit a Telegram URL they receive this image

Image via Hugo_Miskine

It appears France has done a country-wide block on t.me URLs. See attached image for translation.

tl;dr France labels Telegram as a domain for child pornography

French authorities say the block on Telegram was a mistake and claim they don't know what happened

???

More information: https://www.lemonde.fr/pixels/article/2023/05/13/les-adresses-telegram-bloquees-en-france-par-erreur_6173242_4408996.html

You're all a bunch of domain squatting degenerates