March 6th: EUROPOL announced the arrest of 2 individuals tied to DoppelPaymer ransomware group. German authorities state the March 6th arrests were related to a ransomware attack which resulted in the death of a patient September 18th, 2020 at Düsseldorf Hospital.

The German government issued a warrant for Irina's arrest right before International Women's Day:(

vx-underground was briefly shown on National Geographic last week on an episode about cyber crime.

We are not a hacker forum.

The green links are links they clicked. National Geographic clearly has no interest in Windows malware papers.

We've archived the vx-underground APT collection for the year 2022. You can now download every APT sample and paper from the year 2022 in bulk.

- 4,848 malware samples
- 480 papers
- 6.47GB (compressed)

Check it out here: https://samples.vx-underground.org/samples/Blocks/APT%20Collection/

Some individuals from Fiverr, an online freelancer marketplace, have contacted vx-underground.

A Threat Actor is social engineering freelancers, tricking them into running a loader which executes Redline stealer.

AnyRun Analysis: https://app.any.run/tasks/993103a3-2430-4b1c-8c6f-59a00913067d/

Yesterday Rob Joyce, the Director of the United States National Security Agency (NSA), asked Twitter users to caption an old photo of him. He did not like our title caption:(

More context on vx-underground being featured on National Geographic

Video courtesy of realhackhistory

We've updated the vx-underground Windows malware kernel paper collection.

- Lord Of The Ring0 - Part 1 - Part 4

Check it out here: https://www.vx-underground.org/windows.html#kernel_mode

Lockbit ransomware group has ransomed a 3rd party parts manufacturer for SpaceX - they claim to possess over 3,000 proprietary schematics for SpaceX.

In the ransom announcement Lockbit issued a message to Elon Musk and SpaceX employees, taunting them.

Information via AlvieriD

Ring LLC, the home security and smart home company owned by Amazon, has been ransomed by ALPHV ransomware group.

They left a simple message to Ring: "There's always the option to let us leak your data".

Ransomware wouldn't be a problem if we removed encryption from all electronic devices

Happy Pi Day, nerds.

We've heard your complaints loud and clear. SentinelOne has expanded the giveaway.

tl;dr submit your best malware research and win a Macbook Pro and have your research featured on SentinelOne's website (and VXUG, duh)

*See attached image for details

sentinelone.com/lp/vx-s1/

We worked damn hard with SentinelOne to ensure we can give someone a really cool laptop - to give an underdog a voice in research. If you nerds don't submit something cool we will deploy monkey-bonk on a catastrophic scale

March 5th: ALPHV ransomware group began leaking photos of topless female breast cancer patients.

March 14th: Patients effected by the ALPHV ransomware attack filed a class action lawsuit against the hospital.

Information via: AlvieriD

More info: https://www.lehighvalleylive.com/news/2023/03/cancer-patient-sues-lvhn-over-cyberattack-in-which-photos-data-were-leaked-on-dark-web.html