vx-underground
We are happy to announce the winner to the CRTO course, exam, and lab! "seal", a teenager from Australia, is a great kid with a lot of talent and drive. Congratulations on your win and future endeavours. Extra special thanks to RastaMouse for sponsoring this…
We also want to give a shoutout to the many hundreds, over a thousand..., people who sent us e-mails. So many of you are incredible people who are passionate, driven, and wildly intelligent (probably way smarter than us...)
Shout out to:
- cyz1gy, we also love smelly cats, but not CS:GO
- Zoogs
- Liam, we can relate to you a lot more than you think and we love your honesty
- David - the nerd from New Jersey who is into video game hacking
- CooperTheFox7, for being way more intelligent and talented than all of us, congratulations on your academic achievements
- Sae3, you deserve so much and more, we promise to hook you up with something, we admire your ambition and drive
- Leonardo from Brazil, even though you didn't reply!
- Nicolas from Quebec, we understood you despite being tri-lingual
- Vincent from Sweden for swearing he isn't using ChatGPT
- David from Germany - we love you to death and we swear to hook you up something you deserve to be in IT
- Shreyas from India - shout out to you and your Father for the hard work you both do. We know how hard it can be running a small business.
- Hudson, even though you didn't reply to us!
- Mati from Argentina, we read your super long e-mail and we appreciate all of the kind things you said, it means a lot
- Smagul, we have a lot of friends in Kazakhstan and we promise to hook you up something. You deserve it.
Hello, we're on giveaway #6 of ??? for this Holiday season. Once again, check out Twitter and blah blah blah, you get it. More giveaway spam.
https://twitter.com/vxunderground/status/1733407331893792862
Giveaway #6
Hey, are you a nerd wanting to get into malware analysis? Cool, because we're doing a giveaway of "The Art of Malware Analysis", a course aimed for beginners and intermediate individuals.
We're giving away 10 vouchers. Comment below for a chance…
We have this weird fantasy where in the next 1 - 5 years there is a bunch of cyber security professionals whose careers started because a bunch of nerds, with a shitty website, managed to gain enough internet clout to give away absurd amounts of educational material
We have finally updated vx-underground. We are behind on several projects due to our holiday season giveaway stuff.
Summary of what's new:
1. We are aware our search functionality is botched. It is a work in progress. Relax, we will fix it (eventually).
2. New content additions:
- 20,000+ new malware samples courtesy of our friends at virussign
- 2019-11-12 - Threat Hunting In Calltrace
- 2021-01-29 - Hunting in the Sysmon Call Trace
- 2023-09-05 - Demonstrating MockingJay with a POC and BOF
3. New section created: we are working on archiving the research of zachxbt with a category labeled "Cryptocurrency Analysis" in /Papers/Other
Have a nice day.
The Windows Projected File System (ProjFS) is ripe for the pickin' (for malware)
https://learn.microsoft.com/en-us/windows/win32/projfs/projected-file-system
We've had a dozen or so people ask us about ALPHV and their sudden website outage.
1. We have NOT heard rumors of them being arrested, we also have NOT heard rumors of their servers being seized. The only mentions of these rumors are from other people asking us about these rumors. We cannot comment on the legitimacy of these claims because we have no way to substantiate them.
2. ALPHV informed us they are experiencing hardware failure on their server. This is the 2nd or 3rd time this has happened (to the best of our knowledge). However, similar to bulletin #1, we cannot provide evidence of these claims other than this is what ALPHV has informed us.
It is our opinion that ALPHV is indeed experiencing issues with their hosting provider. But, this is just an opinion and we have been wrong many times.
tl;dr ¯\_(ツ)_/¯ only time will tell
In the spirit of full disclosure: we are busy with hard drives, performing these giveaways, and preparing for the general holiday season. We are not particularly concerned with a ransomware blog having technical issues
Breaking!!!! 1336 hack in CS allows HAXKErs to do XSSg!!! SUPER DANGEROUS!!! donT CONNECT TO THE internet for They COuld steal YOUR skins!!!!
SOMEBODY DO SOMETHING
Our DMs are completely destroyed. It is exceptionally difficult to have conversations and reply to people at the moment.
1. We have more giveaways coming (5+ more)
2. DO NOT DM US ASKING FOR STUFF
3. DO NOT DM US ASKING FOR STUFF
4. DO NOT DM US ASKING FOR STUFF
Seriously, we say 'comment on the tweet for a chance to win'. If you DM us a whole Shakespearean speech on why you deserve to win we will orbital nuke you
Giving away $800 of vx-underground merch on Twitter for Christmas / holiday season
https://twitter.com/vxunderground/status/1734673266357186847
Who wants vx-underground merch for Christmas?
(It'll probably arrive way past Christmas due to increased volume in shipping, but whatever)
Comment on this tweet with what you want and what size. We'll give away like, $800 in merch or something
Researcher discovers XSS/CSRF abusing undocumented features in Twitter analytics.
Thread shows full JS exploit chain to hijack users' accounts by having them click a link.
¯\_(ツ)_/¯ Another day in Shangri-La
https://twitter.com/shoucccc/status/1734802168723734764
1. We are now selecting individuals to win vx-underground merch. We are choosing random people in blocks of 10. Pay attention!
2. More giveaways tomorrow
3. Yes, we know the RansomwareNewsBot on Twitter is still down. The developer traveled to the UAE and disappeared. Not joking.
An unknown Threat Actor is selling stolen data from Bank of America. They claim they have over 500,000 unique records of customers with data including:
- First Name
- Last Name
- Full Address
- Date of Birth
- Social Security Number
WARNING: Before reading this, put a helmet on your head so when you begin repeatedly bashing your head on your desk you don't get brain damage. Chronic Traumatic Encephalopathy (CTE) is a serious issue. You've been warned.
Private Threat Intelligence community CTI League (CTIL) is being accused by political commentators (?) of conducting COVID19 counter-misinformation campaigns. CTIL was primarily documenting COVID19 misinformation campaigns and reporting information to healthcare facilities and government agencies on Threat Actor activity.
Political commentators assert CTIL intentionally withheld information on suspected Threat Actors because their true objective was to target anti-vax individuals and act as a tool for NATO-based entities to conceal or censor information and freedom of speech.
This is the first time, to the best of our knowledge, that political commentators have vocally expressed disdain toward Cyber Threat Intelligence groups ... with the false belief they're a censorship group. The issue has escalated to the point where leadership from CTIL had to testify in front of United States Congress.
tl;dr Cyber Threat Intelligence for healthcare facilities is illegal and for nerds
tl;dr tl;dr wtaf lmfao
uwu
We're almost done with our giveaways so soon we'll stop spamming you degenerates with free shit. Anyway, here is the next round of free stuff:
https://twitter.com/vxunderground/status/1735537990288490939
Our friend @mrgretzky hooked us up with 12 Evilginx Mastery courses - making it the 12 days of Evilginx Xmas:)
Course details: https://t.co/Q8WnhHQpwM
Comment below for a chance to win.