vxunderground | Unsorted

Telegram channel vxunderground - vx-underground

14367

The largest collection of malware source, samples, and papers on the internet.
Password: infected
Website: https://www.vx-underground.org/
vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh

vx-underground

GET THE FUCK AWAY FROM ME

vx-underground

No disrespect to the artistic nerds, but if you contact us via DM, or e-mail, or whatever — we're always down to potentially buy some artwork. But, we traditionally go with an 80's and/or 90's mall goth computer vibe.

Your gamer profile picture artwork doesn't fit with us.

vx-underground

back in the day, when i was in my late-teens/early-20s, instead of taking trash to the dumpster, i would just throw it in my apartment fireplace. every night i burned my trash. i just didnt wanna go outside

vx-underground

We received this message on Telegram.

All of us are in our 30's, some are indeed closer to 40 years old. To put it into perspective, I've been coding for 19 years. Based on this message, there is a high probability I've been coding longer than they've been alive.

¯\_(ツ)_/¯

vx-underground

As we've been exploring Discord cybersecurity servers here is what we've learned:

- Every Discord is the BEST server for {HACKER_THING}
- Every Discord does {THING} weekly
- Every Discord is noob friendly (as opposed to openly discriminating against uneducated people)
- Every Discord tagged "cybersecurity" will NOT discuss malware (it's illegal and for nerds)
- Highest displayed people must have weird font in their display names, making them difficult to read or impossible to tag
- Everyone is "extremely busy" but on Discord all day, everyday, nonstop, and providing updates on how extremely busy they are
- Everyone who is a "hacker" has a flashy and cool Discord profile (they paid $15.99 for it)
- Everyone is an OSINT expert
- Everyone is a programming expert
- Everyone is a Linux expert
- Everyone is an omnipotent being, capable of bending space and time
- Everyone is top 1% of HTB

vx-underground

Congratulations to Mr. Elon Musk on the birth of his 14th child.

He now has more kids than the number of people I talk to in real life.

vx-underground

RIP to the homie Skype 🙏

Skype is on life-support. Microsoft confirmed they're pulling the plug May 5th, 2025.

August 29th, 2003 - May 5th, 2025

vx-underground

Yes, that's 81 TRILLION dollars — more than double the entire United States debt.

vx-underground

After this post we received a follow-up with the individual who posted this image on social media.

This person works at a small US-based car dealership. They don't have an IT department. They don't know how it happened. They were told to remain at home until otherwise specified.

vx-underground

Today Mikhail Matveev a/k/a "Wazawaka" a/k/a "RansomBoris" was sentenced for ransomware-like cybercrime charges in Russia.

Previously, Mr. Matveev acted as the leader of Babuk ransomware group (before shutting down the operation), was a member of Lockbit ransomware group, Conti ransomware group, HIVE ransomware group, and BlackMatter ransomware group. Mr. Matveev was prolific in the ransomware ecosystem and is believed to be behind several high profile ransomware attacks, including ransoming police departments and critical infrastructure in the United States (and abroad, to other European allies of the United States government).

The infamous Wazawaka, FBI Most Wanted, was sentenced to 18 months of "limited freedom". "ограничение свободы" in the Russian Federation penal code is a lesser form of criminal punishment which acts similar to house arrest in the United States.

Restrictions:
- Curfew
- Travel restrictions (cannot leave city or region)
- Contact with probationary officer for check-ins
- Social and/or employment restrictions — prohibited from visiting places such as bars, nightclubs, protests, gambling establishments

Special thanks to ddd1ms for sharing updates on the court case and providing information on the final verdict

vx-underground

More information: https://whois.ipip.net/AS131279

vx-underground

Employees going onto social media to express confusion over their network being hit by Qilin ransomware

Indeed, "Fun day at the office"

vx-underground

Note: We have absolutely zero clue what the United States government is going to do for a United States active-duty serviceman selling information to a United States adversary. We've never seen this before.

vx-underground

> want to be fancy
> want to call NtRegisterClassExWOW
> want to call NtUserCreateWindowEx
> opens user32.dll
> opens win32u.dll

mfw

vx-underground

Apparently this needs to be said because people expressed concern regarding this post.

This is not medical advice, this is just a personal experience. Consult a doctor and do research. Don't listen to some stinky nerd on the internet. Yada yada yada, drugs are bad

vx-underground

We also aren't interested in furry artwork.

We appreciate the pitch and for you thinking of us. But uh, we're just not that group. Bring us some dark edgy retro stuff and we'll happily talk.

vx-underground

Someone sent us this photo. Someone is impersonating us on Telegram (as is tradition).

We'd never call someone "patriot". We're not Facebook schizoboomers. Also, unironically, we initiate most of our conversations with a photo of a kitty cat or say "ping".

vx-underground

We've been told several times our jokes are not funny and we come across as "depressed ass millennials". You're not wrong in that assessment, our sense of humor is (probably) outdated.

tl;dr we're aging, it shows in our humor 😭

vx-underground

"WE TEACH OFFENSIVE SECURITY: MASTER THE DARK ARTS AND BECOME 1337 HACKER (except malware, malware is pure evil, a dark art that should not be taught)" — hacker courses

vx-underground

Hi, administrative updates.

1. We're still migrating the virus-dot-exchange database. It has taken us over 30 days. Why? I don't feel like explaining, but believe it or not this is the fastest we can move malware for the time being. It needs to be made clear that this is individual malwares, this is not the bulk downloads people prefer. All those giant .7z files you pull are already moved, live, and available for download.

What we're doing now is moving every single malware individually.

We've moved 9,415,637 malwares. We still have quite a bit to go. We're moving probably 500,000 - 1,000,000 a day from one backend to another.

2. We've got a lot of papers and malwares in queue. We haven't added it yet because I REALLY want to finish this fuckin' database migration. I am allocating 100% of resources to moving this malware so it's done and I can forget about this nightmare.

3. Despite our constant growth (on social media and our malware library), we've lost a considerable amount of monthly donors and sponsors. We've lost 2 sponsors and probably 30+ individual monthly donors. Every person has cited they simply do not have the financial means to donate to us for the time being. We have money to keep our heads above water, but if you'd like to help us, please consider throwing us some money. I strongly dislike begging for money on social media.

Have a nice morning, noon, or night
-smelly smellington

vx-underground

We missed the Skype hype. When Skype was popular, we were still arguing on Freenode, but we are told many noobies got their introduction to nerd shit from Skype.

Go'bless

vx-underground

mfw someone gets a free $81,000,000,000,000

vx-underground

Today Citigroup, the 3rd largest bank in the United States, made the largest oopsie-doopsie banking typographical error in history.

Citigroup was supposed to credit a customer with $280

Citigroup instead accidentally sent the customer $81,000,000,000,000

vx-underground

tl;dr makes hundreds of millions, fbi most wanted, europol most wanted, was sentenced by russian gov to 18 months of probation, cant go to bars and has to be home by 8pm

vx-underground

Copy pasta from X-article so you don't need to use Xitter.

Title: Creating "Ransomware" Using WinRT

This isn't "ransomware".

This is the blueprint for a ransomware testing payload for a "Purple Team" scenario. I am curious of EDR visibility into WinRT (Universal Windows Platform (UWP) apps) — so I crafted a C++ application, which strictly uses WinRT functionality from WINAPI-like-C++, compiled as a WIN32 app, to see how it looks.

This proof-of-concept is essentially a glorified asynchronous file string console printer. What makes it unique is it relying entirely on WinRT from a Win32 app.

WinRT possesses the ability to encrypt files. I opted to not introduce file encryption functionality (although it would be bare-bones, plain password protected) into this proof-of-concept because I think ransomware in general is highly susceptible to abuse even in its most basic forms.

Regardless, I think this code is interesting and I wanted to share it. Maybe it'll inspire someone else to review WinRT more, or someone will pick up this code and experiment with it in an enterprise environment.

- smelly smellington

vx-underground

February 23rd, 2025, an unknown Threat Actor(s) compromised a North Korean ... whois record (maybe?), not entirely sure what we're looking at.

vx-underground

Computers have memory

vx-underground

Today the United States District Court for the Western District of Washington for Seattle, unsealed case details regarding Cameron John Wagenius a/k/a "kiberphant0m" a/k/a "cyb3rph4nt0m"

The defendant, Mr. Wagenius, has expressed intent to the United States government to plead guilty.

The United States government has noted that Mr. Wagenius unlawfully posted and transferred confidential phone records information of high-ranking public officials. Additionally, Mr. Wagenius sought to flee the United States to a (currently redacted) country to avoid prosecution in the United States. Furthermore, the United States government notes Mr. Wagenius had sold information to an unidentified (*unidentified in the court documents) foreign intelligence service. He performed these actions while being on active duty for the United States Army stationed at Fort Cavazos.

He is currently being held in military custody. He is scheduled to be "separated" from the United States Army in March, 2025. The United States government is requesting Mr. Wagenius immediately be moved over into jail, rather than the custody of his Father. They argue he is a flight risk.

The remainder of the document notes Mr. Wagenius attempting to extort a victim for $500,000 and Mr. Wagenius, when in fear he may soon be arrested, researching how to flee to Russia.

vx-underground

We're (still) migrating the virus-dot-exchange database.

We've moved 8,915,959 malwares. We have a lot more to move still.

We have malware.

vx-underground

February 12, 2025, an unknown Threat Actor was able to compromise a person at the United States Department of Defense.

We have not received information on how the e-mail was compromised and/or what was achieved from the compromise.

We have confirmed the Threat Actor lost access soon after they got access to the e-mail address. However, we have no details as to how long "soon" is.
