0xChefo

A mind map with resources on malware analysis and removal: mind42.com/mindmap/b59990…

@vxunderground And, preferably, they should use an antivirus with a proper behavior blocker, such as Bitdefender or Emsisoft.

Regular ass people should 100% use an anti-virus. Malware plagues the normies. It's like shooting fish in a barrel. Using SOMETHING is better than NOTHING. Dawg, these normies are detonating cat_picture.jpeg.exe. They need all the help they can get No disrespect though

@rifteyy Most of the malware infections that I have dealt with were from steam cracks.

Opening a malware removal post and seeing the user talk about some “All Files.zip” is making me tear up at this point. 90% of recent malware infections are from pirates “clicking the wrong link and accidentally executing the Instaler.exe” and getting RenPyLoader. 🫩

@rifteyy The base of infected users seems to be the same as on malware removal discord servers.

Malware removal for a subreddit using FRST fun fact: 90% of all fixlists I wrote over the past few weeks were for 2 same malware families - one is turning your device into a Proxyware and second loads Rugmi and multi-stage Clipbanker What did pretty much every user have in common? Hosts file full of fake FitGirl entries, Windows Defender exclusions for pirated game folders, ton of downloads from Torrents and other shady sources.

@vxunderground Develop a real FOSS anti-malware that's not a ClamAV fork. Linux seems to be in need of one.

I want to share something. I don't expect anyone to care. I just want to scream into the void. I've accomplished everything I've ever wanted to do with malware. There isn't really a malware thingy that's popped up that I haven't seen or done. My malware code repository of stuff I've written dates back to like, 2009. I've released dozens upon dozens of never before seen (at least publicly) malware snippets and ideas. I'm standing at this weird cross road where I'm standing at the peak and I'm kind of looking around like ???. What do I do now? Options: 1. Keep finding new stuff for usermode Windows malware 2. Venture outside usermode to kernel mode malware 3. Switch focus, focus on initial access or stager stuff, not final payload 4. Switch focus, focus outside Windows to different platforms 5. Switch to defense, develop ways to detect malware 6. ??? There is always more to learn and do. But, I've been climbing vertically for like, 20 years, and in order to keep climbing I need to find a different path.

If anyone is having trouble with this, the Malware Analysis Course coupons from the @vxunderground giveaway must be used on single course purchase, not on the bundle. Each coupon is usable two times. x.com/shifkey/status…

@shifkey @struppigel You can use the coupon twice to enroll in both courses.

@struppigel thank you so much! I can't wait to start the Malware Analysis for Hedgehogs courses 🤯 I've got the VX coupon code but cannot seem to apply it to the bundle checkout, as the running promotional discount has the coupon code field disabled. Could you provide a bundle checkout link with the current running promo disabled, please? Cheers! @cepnang @__blueNinja @HighIronWolf @mmxcs8 @lilacj4de @Tr3s0r @address_below0 @bruce_k3tta @0xChefo

Winners of the @vxunderground Malware Analysis for Hedgehogs Bundle Giveaway @cepnang @shifkey @__blueNinja @HighIronWolf @mmxcs8 @lilacj4de @Tr3s0r @address_below0 @bruce_k3tta @0xChefo Congrats to the winners

@vxdb @vxunderground @cepnang @shifkey @__blueNinja @HighIronWolf @mmxcs8 @lilacj4de @Tr3s0r @address_below0 @bruce_k3tta This is the first time I’ve won a giveaway! Thank you! 🎉

@vxunderground @nikhil_mitt @struppigel Malware Analysis for Hedgehogs

Big giveaway. - (x3) Certified Red Team Expert (CRTE) - (x3) Certified by Altered Security Red Team Professional for Azure (CARTP) - (x10) Malware Analysis for Hedgehogs Bundle CTRE and CARTP sponsored by @nikhil_mitt Malware Analysis sponsored by @struppigel Leave a comment below on what you'd like. Winners chosen in 24 hours.

Hello folks, Today's my birthday (0x41 years old, yikes!) and since it's very likely going to be my last one, I've decided to post this. I can't be assed to chop it into parts and format it for the various social networks I'm on. I've put it on a web page and am posting a link.

@VessOnSecurity Thank you, Dr. Bontchev! I am currently doing malware removal using a methodology that is similar to the one on the BleepingComputer forum. I’ll continue learning more about cybersecurity to meet the job requirements. I wish you have a nice day!

@0xChefo Some AV companies have presence here but only sales offices, I think - not research and development. But other kinds of companies need people who are familiar with malware too; check these open positions: jobs.bg/en/front_job_s…

A recording of my lecture "Should Paying Off Ransomware Be Illegal?" is now publicly available on YouTube. Ignore the first minute and a half of chatter in Bulgarian - that's my boss introducing me. The lecture itself is in English. Apologies for my awful accent. 😀

@VessOnSecurity I’m too young to remember, I was born 15 years later 😅. Unfortunately, there seem to be very few malware analyst positions in our country and none of the well-known anti-malware vendors have offices here. 🙁

@0xChefo There has been one since 1990, when I created it. 😇

Make sure to collapse all nodes and then expand each one manually.

A mind map with resources on malware analysis and removal: mind42.com/mindmap/b59990…