The largest collection of malware source, samples, and papers on the internet. Password: infected Website: https://www.vx-underground.org/ vx-underground Telegram chatroom link: https://t.me/+njfLzUrqos01ZWNh
Rant / opinion
DDoS attacks can be difficult to attribute, especially if it's DDoS-as-a-Service. Additionally, accurate attribution of any offensive cyber operation in mere hours is low.
The likelihood of a state sponsored group performing a DDoS attack on an American social media platform is also extremely low. A DDoS attack wouldn't serve any military objective (or an intelligent one rather).
The broad sweeping statement the DDoS attack came from Ukraine (or the Ukraine area(?)), at a moment where many Americans are divided on the Ukraine-Russian conflict, is inflammatory at best, is propaganda at worst. Generally speaking, DFIR needs to be performed, external organizations will need to be consulted, you cannot (or rather should not) make a statement regarding the situation at hand while having little to no conclusive evidence for accurate attribution. In other words, an organization typically would not make a statement regarding the origins of an offensive cyber operation without concrete evidence.
tldr sigh, non computer nerds will eat up this crap and spread conspiracy theories and misinformation.
🚨BREAKING🚨
THE X USED IN THE MUSK TWEET ISNT THE SAME X ON THE KEYBOARD. WTF IS THAT WEIRD LOOKING X.
Twitter has been down for a really long time. Probably like, 4 or 5 hours, dunno.
Elon Musk probably fuming that he can't post every 15 minutes.
Unrelated, someone asked if I remember "September 9th". They didn't even know the correct date as September 11th.
Also, yes.
Someone from India has been doing mass downloads from our virus exchange (in the millions)
1. My dude — we allow bulk downloads from our main website.
2. Don't make us impose API limitations
The visual demonstration illustrating cyber security defense against ransomware
I don't wanna get too political, but honestly we should treat 32bit ASM as historical, like 16bit ASM.
"It's 2025, show the kids r8 and r9", — 2pac, All Eyez On Me
hot take: people with super fancy pc setups with super clean desks arent actually working
if your desk isnt covered in cigarette ash (or vape juice), deodorant sticks, broken electronics, old batteries, pill bottles, and energy drinks — wtf are you doing? browsing youtube?
Threat Intel reports BianLian ransomware group have begun physically mailing extortion letters to company executives. The goal is to apply pressure and intimidate them.
Unfortunately, BianLian doesn't speak, read, or write English, so the letters are confusing.
Last week Qilin ransomware group hit a small time car dealership in the United States. They were like, "nah, that's not shitty and fucked up enough" and proceeded to ransom a cancer treatment center in Japan.
We also aren't interested in furry artwork.
We appreciate the pitch and for you thinking of us. But uh, we're just not that group. Bring us some dark edgy retro stuff and we'll happily talk.
Someone sent us this photo. Someone is impersonating us on Telegram (as is tradition).
We'd never call someone "patriot". We're not Facebook schizoboomers. Also, unironically, we initiate most of our conversations with a photo of a kitty cat or say "ping".
We've been told several times our jokes are not funny and we come across as "depressed ass millennials". You're not wrong in that assessment, our sense of humor is (probably) outdated.
tl;dr we're aging, it shows in our humor 😭
"WE TEACH OFFENSIVE SECURITY: MASTER THE DARK ARTS AND BECOME 1337 HACKER (except malware, malware is pure evil, a dark art that should not be taught)" — hacker courses
Elon Musk did an interview today stating the IP addresses in the X cyber attack (?) originated from "the Ukraine area" (???).
This has resulted in many people believing the Ukrainian government is responsible for the DDoS attack on X.
Creating a GUI interface using Visual Basic, see if I can track an IP address
Linux? More like linSUX, am I right? haHA get rage baited nerd
Chat, we are cooked. The 90s is considered old now.
Busy, have a random meme from the phone. Talk soon
Love you
Chat, we've spread misinformation on the internet.
Yesterday we posted BianLian was sending extortion letters through the mail. That was incorrect. It is a BianLian impersonator trying to scam people.
Please accept our handwritten apology.
current desk setup: old spice deodorant stick (gets hot af in office), broken smoke detector, broken xbox controller, a bunch of pill bottles, vitamin pills, vape coils, vape juice, wires (idk where they go), some lego parts, tape measure (idk why), lens cleaner, unopened mail
BianLian is actually sending extortion letters through the mail. But the letter with the shit handwriting that makes no sense is a joke.
Calm down in infosec today.
Only 1500 places ransomed, 400 enterprise environments compromised, and 9000 new threat groups.
It's time we share some knowledge on the legality of malware in the United States.
We can't speak regarding other countries, but we've had a few recently (also, historically) who have questioned the legality of our website and what we do.
Note: we're not lawyers, but we've consulted with lawyers to make sure we don't do any oopsies
Possessing malware is not illegal. The United States CFAA (Computer Fraud and Abuse Act), which was codified to combat "hacking" or "illegal cyber activity", is vague and doesn't quantify modernized malware well.
1. Possessing, writing, researching, collecting, designing, discussing, archiving malware, etc is not a crime. It does not violate the CFAA. The actions described previously align with goals and ideologies of cyber security researchers, threat intelligence vendors, and students.
2. It IS ILLEGAL to intentionally design, develop, release, or "spread" malicious software with intent to harm others (financially, physically, etc). Additionally, it IS ILLEGAL to knowingly and (depending on context) unknowingly aid and/or abet a person or organization with the design, development, release, or "spread" of malicious software.
tl;dr it's an extremely grey area and you have to "walk the line" so you don't do a whoopsie and catch a felony.
Examples:
👍Tony thinks malware is cool. He collects it online. He password protects the malicious files. He encourages others to review them too.
👎Tony has friends who he suspects are committing cybercrime. They ask him to create infrastructure which can be used to house malware payloads. Tony isn't sure on their intent, but he does it anyway.
👍Tony likes malware research. He shares a cool proof-of-concept which he thinks may be challenging for security software to detect. He open sources it online and encourages collaboration from others.
👎Tony likes malware research. He develops a payload he thinks may be challenging for security software to detect. Tony goes online to shady forums and sells the code to people who may abuse it.
👍Tony receives tips and donations from people for his online malware stuff. People think he is doing cool stuff and want to support him.
👎Tony agrees to host potentially malicious software for others for a fee. He actively tries to hide the payment "paper trail" by accepting payments in Monero.
👍Tony goes onto social media to openly discuss on-going security threats. He discusses victims who may be impacted by a large and evolving security threat.
👎Tony is aware of a large and evolving security threat. Tony speaks privately with criminals and gives them hints and clues to help them hide their presence online.
No disrespect to the artistic nerds, but if you contact us via DM, or e-mail, or whatever — we're always down to potentially buy some artwork. But, we traditionally go with an 80's and/or 90's mall goth computer vibe.
Your gamer profile picture artwork doesn't fit with us.
back in the day, when i was in my late-teens/early-20s, instead of taking trash to the dumpster, i would just throw it in my apartment fireplace. every night i burned my trash. i just didnt wanna go outside
We received this message on Telegram.
All of us are in our 30's, some are indeed closer to 40 years old. To put it into perspective, I've been coding for 19 years. Based on this message, there is a high probability I've been coding longer than they've been alive.
¯\_(ツ)_/¯
As we've been exploring Discord cybersecurity servers, here is what we've learned:
- Every Discord is the BEST server for {HACKER_THING}
- Every Discord does {THING} weekly
- Every Discord is noob friendly (as opposed to openly discriminating against uneducated people)
- Every Discord tagged "cybersecurity" will NOT discuss malware (it's illegal and for nerds)
- Highest displayed people must have weird font in their display names, making them difficult to read or impossible to tag
- Everyone is "extremely busy" but on Discord all day, everyday, nonstop, and providing updates on how extremely busy they are
- Everyone who is a "hacker" has a flashy and cool Discord profile (they paid $15.99 for it)
- Everyone is an OSINT expert
- Everyone is a programming expert
- Everyone is a Linux expert
- Everyone is an omnipotent being, capable of bending space and time
- Everyone is top 1% of HTB