J-Michael Roberts 

DFIR examiner at Corvus Forensics and malware farmer of VirusShare
Website: https://corvusforensics.com
Malwaresite: https://virusshare.com
Birdsite: @forensication
Nerdy Swag: https://corvusforensics.com/swag/
It took quite a bit of work, but VirusShare seems to be mostly back to normal. <knocks on wood> I am still moving things around and squashing the occasional issue, so please let us know if you spot any problems.
Due to a significant hardware failure affecting critical systems, VirusShare is currently offline. This outage affects the web interface as well as API endpoints.
It's been an interesting two days of first mitigating a DDoS and then dealing with the fallout of a UPS failure, but things seem to be back to normal. 🤞 Only change to note: I had to move the ftp server for sample uploads to a new subdomain, ftp.virusshare.com
Not entirely sure if it's intentional or coincidental, but if you are having trouble accessing VirusShare, it's because we are getting DDoS'd by a crapton of requests for the md5 hash lists.

Exciting technical news to report. I'm in the home stretch of completing a major storage upgrade and migration to a new 88TB ZFS pool that will hold all the malware samples.

I have synced 64TB (!) of malware over to the new storage pool and switched all the systems over to use the new pool. I am now in the final phase of synchronizing the last of the data that was added since the initial sync. As a result, there may be some samples added in the previous month that are unavailable for download - but will be eventually. I just can't estimate when that will be for any given sample.

This project was in the works for a while. I finally decided to move forward when the raid expansion feature was officially added to the @openzfs project. I thank them for their many years of hard work and dedication to adding this feature, among many others.

This project has been active for <checks notes> 13 years. Between the raidz pool expansion features and an average compression ratio of 1:1.3, I expect I can hum along for many more.

Whenever I check in on the mortal remains of tweety/x thing I think about the rust belt in the US, used to be thriving and vibrant communities, and now just fetid decay, in spite of many folks clinging to it.
At the bar there was a sign saying, "Ask for the WiFi password."
I asked the barman what the WiFi password was and he said, "You have to buy a drink first."
I ordered a drink and asked again and he said, "You have to buy a drink first, no capitals or spaces."
Mushrooms growing out of the walls: Asbury Park condo residents say leaks remain unfixed

The Santander building, a condominium high-rise in Asbury Park that is over 90 years old, is plagued with leaks, some residents complain.

Asbury Park Press
Trying to figure out why a wrench would be given network connectivity. Maybe middle management spying on employee wrenching? Selling ads? Listen to mechanic podcasts while you wrench? 🤷‍♂️
Hackers can infect network-connected wrenches to install ransomware

Researchers identify 23 vulnerabilities, some of which can be exploited with no authentication.

Ars Technica