We've updated the vx-underground Windows malware paper collection
- 2022-03-11 - AV and EDR Evasion Using Direct System Calls
- 2023-04-18 - Process injection in 2023 - evading leading EDRs
- 2023-07-25 - Prefetch - The Little Snitch That Tells on You
https://vx-underground.org/
🫡35❤🔥8👍4❤2🔥2
Yeah, we got compromised by APT29, but luckily MalwareBytes™ FREE AV stopped the Kremlin in their tracks! To be extra safe, we swung by the local Hilton Hotel and used their WiFi to install it.
🤣121😁10❤8🔥2🤓2
Everyone knows Russians can't visit Hilton Hotels. They're too decadent. They instantly explode and turn into sand.
🤣87😁8🤔5❤🔥3💯3👍1😢1🎉1🤓1
The vx-underground podcast - but instead of discussing anything technical or meaningful we mumble incomprehensible nonsense for an hour and express our misanthropy in the form of creative dance.
👍55😁13❤5🥰3🤝2🔥1
Windows has 3 different types of boolean values.
typedef int BOOL;
typedef BYTE BOOLEAN;
typedef short VARIANT_BOOL;
*BYTE is defined as an unsigned char
When setting VARIANT_BOOL you cannot use TRUE or FALSE. You need to use VARIANT_TRUE or VARIANT_FALSE.
Have a nice day.
🤓88🤣25🔥13🤯11❤10👍8🫡8😱6😢5🤔3😁2
Another 116,024 malware samples queued and ready for upload into the VXDB 🫡
*Our VXDB is free for everyone to use
*You can download and search samples
*Bulk download coming (eventually)
https://virus.exchange
👍26❤12🙏3🥰2🫡2
We were just informed that a member of vx-underground lost two family members in Maine yesterday. A cousin and a nephew were the victims of a very sick person.
We will be inactive for the next couple of days.
😢369🫡71❤48🙏30😱7😁5🤣5🎉3🤔2🤯2😇1
Yesterday Lockbit ransomware group listed Boeing on their victims list. Boeing is a multinational American company with an estimated annual revenue of $66,610,000,000. They have over 150,000 employees worldwide. Boeing serves both the public and private sector.
We spoke with Lockbit ransomware group administrative staff yesterday regarding Boeing. They informed us that they have not yet spoken with a representative from Boeing and they will not disclose any information to us about Boeing - more specifically they would not give us insights into how long they had access to Boeing, how much data was exfiltrated, what kind of data was stolen, etc.
Lockbit stated their ransomware affiliate got access using a 0day exploit. However, Lockbit would not elaborate further on this exploit hence we cannot verify the legitimacy of these claims.
It is also probably worth noting that most victims listed by Lockbit are given 10 days (or more) to begin negotiations. Lockbit gave Boeing less than 6 days.
🔥75😱19🎉9👍7❤2👏1💯1🤣1😎1
ZachXBT, an independent cryptocurrency investigator who monitors and tracks cryptocurrency scams, received a video from a group of scammers. They got full bottle service last night, somewhere in Canada, and held a sign taunting him with "ZachXBT is watching".
😁81🤣69❤🔥8🤯5❤4🎉4😢2🤔1😱1😇1
Around July 2023, an individual operating under the aliases "Blue" and "Trout" successfully phished someone and stole $213,000 from the victim.
They subsequently paid a group of men to dance and thank the victim for the money.
🤣201😁15👍11😢11❤5🔥5