Swift developers proving they're very not cool

tl;dr says "++" and "--" operators are confusing

We've updated the vx-underground Windows malware paper collection

- 2023-09-10 - GIF Steganography from First Principles
- 2023-09-11 - MATLAB Reverse Shell
- 2023-10-09 - Demonstrating Sleep Obfuscation - KrakenMask

Check it out here: https://www.vx-underground.org/

Swift removing ++ and -- operators because they can be confusing because of code like this:

int i = 5;
i = ++i + i++;

This is the beauty of the C/C++ programming language. You can make the metaphorical gun and metaphorically shoot yourself with it. Also, don't code like this

The argument is that this is potentially undefined behavior because of how the pre-increment and post-increment expression will be interpretted (and/or optimized) by the compiler.

tl;dr don't write goofy goober code

tl;dr tl;dr nerds arguing over methods to increment an integer

Hello, how are you?

We're now granting permission to individuals who would like to upload malware to our VXDB. We are only granting this to select individuals we know, or individuals we know who can be trusted (or vouched for). We are doing this to prevent our VXDB being flooded with junk data or non-malicious files.

No changes will be made to the VXDB for user registration or downloads. It will always be free.

If you'd like to contribute to the VXDB you can contact us Twitter DMs or via e-mail at staff@vx-underground.org

Additionally, we are still working on refining the VXDB, bulk download (via API) is still not supported yet. It is in our ever-growing todo list.

Thank you everyone for the love, support, donations, and sponsorships you've given us. We would not have been able to create this VXDB, get this much malware, or share it with this many people if it were not for all of you helping us out.

Love you,

At this moment in time vx-underground is a daily grind - keeping the website updated with new papers, malware samples, the VX-API, the VXDB, etc.

Not entirely sure what else can be done now. Other than continuing the generic updates

Mission accomplished...?

No, we're not shutting down. We're noting that we are considering exploring other projects for vx-underground (keyword: considering, nothing solid).

Also, we love all of you, especially you

It's been 10 minutes - still trying to understand this e-mail

Over the weekend we received a series of e-mails from compromised enterprise networks with the message "Я гей" ("I'm gay" in Russian). In a weird twist of fate, we received an e-mail (an uncompromised e-mail....) with the message "I'm gay".

Lots of gay people ¯\_(ツ)_/¯

TrustedSec has repeatedly spoken out about the importance of giving back, helping others, and making an impact on the community - whether it be them donating to educational programs to schools, creating cybersecurity conferences designed to make a positive impact on the community, sponsoring local events, or donating to people, giving away items, etc.

We spoke with Dave Kennedy, CEO of TrustedSec - he has offered us invaluable resources to aid us in our growth, given us insight into potential ways we can expand (while remaining free, vx-underground will remain free forever).

TrustedSec is also now our largest sponsor.

Thank you Dave Kennedy and friends at TrustedSec for making an impact and doing everything that you do. It is wholeheartedly appreciated it.

It should also be noted that Dave Kennedy asked for nothing in return for sponsoring us - not even a tweet or a logo on vx-underground. He is legitimately just wildin' out and helping nerds for fun

Monthly additions are now live. New additions:

- Virusshare.482 total of 52,807 new samples
- The Old New Thing for October, 2023
- Malware analysis collection - 82 new papers from malpedia

Have a nice day.

https://www.vx-underground.org/

Attempting to close Microsoft OneDrive on Windows 11 triggers a poll asking the user why they want to terminate the process.

*Killing the process via task manager doesn't trigger the poll

Image via tomwarren

Omegle has shutdown.

https://www.omegle.com/

Our account through Donorbox has been suspended citing that they believe we have violated their policy. We have not.

We have used DonorBox for several years now with no issue.

Without their services we will no longer be able to accept donations and survive:(

The big whoopsie has hit.

Earlier this morning nerds began informing us that equity traders were unable to place trades (or clear previous ones) through ICBC (Industrial and Commercial Bank of China).

An emergency notice was sent out stating:

"ICBC is currently unable to connect to DTCC/NSCC. This issue is impacting all of ICBC’s clearing customers, including [censored]. Because of this, [censored] is temporarily suspending all inbound FIX connections and not accepting orders at this time. We are in close touch with ICBC and will advise as soon as the issue is resolved. We are exploring all avenues to clear all 11/8 trades and will provide updates as they become available."

It was speculated that it was ransomware, however it was not confirmed and it was just rumors. If it was a technical issue it is bad. But, now that we know it is ransomware, it is much worse.

More information: https://www.ft.com/content/8dd2446b-c8da-4854-9edc-bf841069ccb8

CheckPoint Harmony EDR/XDR Agent 87.60.0273 for Windows, MacOS, and Linux leaked online today.

Leaker allegedly established a fake company to purchase the software ¯\_(ツ)_/¯