Currently the public vx-underground Discord (VX Feed) provides a near in-real-time update on when new material is synced to vx-underground.
Basically, you can see when new papers are pushed or malware samples (bulk collection) are synced.
However, I am open to suggestions on other ways to notify individuals of new content additions. Historically I have used Twitter and Telegram, but due to the size of content added (and terrible formatting) I think that these platforms kind of suck now for displaying the big ass list of stuff added.
Maybe I'll just throw it on here anyway and let it look like shit, I don't know.
I'm adding approx. 15 new papers a day and uploading roughly 7,000 malwares a day. Not too bad
Damn, I guess we're putting malware on the blockchain now
I don't know what the fuck a smart contract is, but I guess it can be abused, or something.
Thanks, North Korea
https://cloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding
Google Cloud Blog
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains | Google Cloud Blog
North Korea threat actor UNC5342 is leveraging the EtherHiding technique in espionage and financially motivated operations.
As is tradition, due to being auto immune compromised, I am sick. Weather and seasonal change is illegal and for nerds
Thank you everyone for notifying me about HuntressLabs stuff. I'll talk about that later.
Please accept this picture of a cat (its me rn fr)
HuntressLabs referenced VXUG in their CTF. They weren't compromised, or something. Everyone immediately assumed the worst LOL
I've seen a few people talk about crazy stories in cybersecurity. I'll share mine. I remember it so vividly it's like it happened yesterday.
This is a 100% real and true story.
I was hired on at a large AI company as the Master Chief Artificial Intelligence Engineer Scientist. However, unbeknownst to my colleagues, I was also a super cool and badass hacker (as you know).
One day the phone is ringing off the hook. I answer it. IT tells me there's been a cybersecurity attack in sector 79C.
Oh. My. God.
Sector 79C is where all top secret level code black data is stored. That's where Barack Obama's birth certificate is stored, the nuclear launch codes, and the corpse of Jimmy Hoffa. I was petrified.
I immediately ran full speed over to sector 79C. Although that sector is far away, I'm extremely fast and agile. I'm like a cool and badass ninja, or something. I used to coach Usain Bolt, no big deal.
Anyway, I kicked in the door. Sirens and alarms are blaring. The people in the room are screaming, running in circles, ripping their clothes off (they're on fire for some reason).
I told everyone to calm down. I'm arrived. I have come. I'm hot and ready.
I push the fat stupid loser Richard off his computer (he likes watching anime) and get to work. I see over 200 of our IP addresses have been hacked. I immediately write a JSON 0day botnet to fight back. Everyone is amazed at my skill.
BOOM! Kash Patel kicks in the door. I said, "Kash, what the hell is going on, Brotha?". He replied, "I'll see you in Hacker Valhalla.". Then he salutes me, throws me the American flag, and runs out the room. Even he was scared.
Back to business.
I check on my JSON botnet. It's winning. IP addresses have been whitelisted by Cloudflare and Google is pinging again. Close call.
I look at the IP addresses trying to hack us back. I was flabbergasted. It was Vladimir Putin himself. It was his home IP address. He made an amateur mistake and forgot to use NordVPN before starting the cybersecurity IP address hack attack.
Within minutes the attack stopped and everyone started jumping for joy.
The fires that magically appeared had disappeared. People stopped running in the circles. Several smokin hot babes were so impressed they threw their bras at me. I was the man.
Afterward I went to the parking lot and hopped in my 2013 Lamborghini Veneno. Women began chasing after me. I put on my cool hacker sunglasses, waved at them and said "toodles". I took off at 120MPH on my way to Bestbuy (I needed to update my antivirus).
Once I got home to my 47 bedroom and 14 bath mega mansion I decided to relax by taking a swim in my moat. I raced the alligators. I won again.
That's my hacker story (real and true)
Oh yeah, I forgot. That company I saved? Amazon.
Jeff Bezos thanked me personally and handed me a crisp $100,000,000 bill as a thank you.
Rest in Peace to yunginnanet a/k/a Kayos.
I'm at a total loss of words. I have no idea what to say. When vx-underground first started, he and his friends with ThugCrowd were the first to offer us hosting when no one else would. He helped us before anyone gave a shit about the project. Kayos was always bleeding edge when it came to finding cool and new stuff.
In 2020, or 2021, him and I had a disagreement (which we settled privately). But that's all water under the bridge. That was years ago. He went on to form TCP DIRECT.
Occasionally throughout the years I tried contacting him on Signal. I saw him updating his profile picture, but he never replied. His friends, who I was friends with, said he was very busy, probably forgetful, and was simply living his best life. I tried not to take it personal. I was always told he's doing good, living the dream.
I can't believe he's gone, man. Kayos was genuinely a really fuckin' nice guy. My deepest, most heartfelt, sincere condolences to his friends and family. His passing will leave an infinite emptiness in the hearts of many people who surrounded him and cherished him.
I'm so incredibly sorry to his girlfriend, lifelessAI. Kayos was a really special person with a personality larger than life. He radiated charisma and pride. He was a super unique person and he always had something interesting to share or add to a conversation. He was always locked in, a hardcore Linux nerd, and always doing crazy projects too just for the love of the game.
These photos were shared via ytcracker. These are great photos which encapsulate his energy and charisma. Kayos was otherworldly.
Wow I feel like a fucking asshole.
Steve Bridges, the comedian, died. Not Mike Bridges. I'm so fucking deep fried today from being sick and everything else I fucked up his name despite looking directly at his wife's Instagram post.
Sigh. I'm sorry, Steve. I'm dumber than hell.
Yesterday Xubuntu was compromised and the site's download button was delivering malware. I saw a bunch of people yappin about it so I decided to reverse engineer it.
I am profoundly disappointed in the results. The people who compromised Xubuntu and made it deliver malware could have done some serious damage and done some cool malware stuff.
Instead it delivered a C#.NET binary that helps people download Xubuntu (???) but when they click the download Xubuntu thingy it also extracts a malicious file outside the C# program.
The malicious file just swaps crypto addresses from the clipboard so they can hijack transactions, or something.
Smh
My full write up is here if you have X and want to read it
https://x.com/vxunderground/status/1979885711579865307
X (formerly Twitter)
vx-underground (@vxunderground) on X
Wtf are these Threat Actors doing? XUbuntu malware is dumb and stinky
October 17th, 2025 EUROPOL performed Operation SIMCARTEL
They arrested 7 people. EUROPOL seized:
- 1,200 sim boxes
- 40,000 active sim cards
- 5 servers
- gogetsms
- apisim
- 4 luxury cars
- $502,000 in bank accounts
- $310,000 in cryptocurrency
They also released a badass video
The suspects apprehended were allegedly responsible for over 1,700 fraud cases in Austria and over 1,500 in Latvia, which amounted to damages exceeding €4,900,000.
The services provided allowed people to perform phishing and social engineering campaigns.
Cool infrastructure+
Yesterday I spazzed out for a bit about malware terminology. Now that I'm calm (I've had my morning coffee, a delicious sandwich, and my yummy cigarettes) let's have a conversation about malware nomenclature.
Educational material in regards to malware, specifically in schools, is painfully outdated and is in desperate need of being updated.
It's not uncommon for schools to list the generic, broad, vague, and ambiguous terms for malware being (something along the lines of): Adware, Spyware, Ransomware (NEW!), Backdoor, Trojan, Rootkit, and Worm. Sometimes they'll sprinkle in something like "Zip Bomb" or "0day".
All of these terms heavily overlap with each other. It is entirely possible for something to be a "backdoor" while also simultaneously being a "trojan" "rootkit".
These terms are fossils from the 1990's, early 2000's, and don't accurately reflect how modern malware works.
Proposed update:
- Stager
- Loader
- Module
- Ransomware
- Stealer
- Drainer
- Wiper
- RAT
- ???
Each should also note the motive of the malware (state-sponsored, financially motivated, "troll", or hacktivist).
A large VPN provider reached out to me.
They were wanting to do some stuff together to reach the cybersecurity audience, or something.
The primary reason I don't do ads, while I very much enjoy having money, is because I can't in good faith recommend a product to my audience which I cannot in totality stand behind.
vx-underground's success is partially due to transparency, honesty, admitting mistakes, and willingness to accept fault and/or responsibility.
I believe there is a shift in the VPN-sphere whereas some providers are trying to capture a more cybersecurity attentive audience.
That's cool. Do your thing homie. I understand the VPN business is rough and your company is always on the grind to make money. No hate.
However, I can't deceive my audience because they're the only reason I have success
Thank you for the love and support despite my many (MANY) faults, mistakes, typos, repetitive corrections and updates, unnecessarily crass tone when writing, failed and/or abandoned vx-underground experiments, etc.
I have no idea what the fuck I'm doing and why so many people follow this account. But we're riding this bitch, dawg
Ride and die malware (I'm scared and confused)
Anyway, now that I'm done virtue signaling and pretending I'm all high and mighty, here is a new formula I'm experimenting with.
I'll be pushing updates to the "Updates" directory. It has cool and badass ASCII art like old VXUG
https://vx-underground.org/Updates
No, vx-underground is not associated with any cryptocurrencies. I don't know why people keep asking.
I'm not a cryptocurrency nerd.
I (very sincerely) don't even understand how it works. I perceive it as imaginary internet money that nerds use for nerd stuff.