[lwerdna]

I think some of that still exists, but the goal is to to evade anti-virus instead of compressing and deterring RE:

https://hackforums.net/forumdisplay.php?fid=299

[kondor6c]

Yes, this was my first experience with this piece of software. You can pretty clearly tell that it is from UPX by examining the file in a hex editor.

I still have the malicious file on VM for me to do some analysis on it later. (if anyone would like it, feel free to contact me) edit: added the contact me

[gordaco]

I remember cases where the AV successfully detected the upxed executable, but not the original, because upx was so widespread that the most common version of the infected file was upxed.

[0xcde4c3db]

"Packed" executables are also still used in the demoscene for fitting into size limit categories.