Wow I feel like a fucking asshole.
Steve Bridges, the comedian, died. Not Mike Bridges. I'm so fucking deep fried today from being sick and everything else that I fucked up his name despite looking directly at his wife's Instagram post.
Sigh. I'm sorry, Steve. I'm dumber than hell.
Yesterday Xubuntu was compromised and the site's download button was delivering malware. I saw a bunch of people yappin about it so I decided to reverse engineer it.
I am profoundly disappointed in the results. The people who compromised Xubuntu and made it deliver malware could have done some serious damage and done some cool malware stuff
Instead it delivered a C#.NET binary that helps people download Xubuntu (???) but when they click the download Xubuntu thingy it also extracts a malicious file outside the C# program.
The malicious file just swaps crypto addresses from the clipboard so they can hijack transactions, or something.
Smh
My full write-up is here if you have X and want to read it.
https://x.com/vxunderground/status/1979885711579865307
October 17th, 2025 EUROPOL performed Operation SIMCARTEL
They arrested 7 people. EUROPOL seized:
- 1,200 sim boxes
- 40,000 active sim cards
- 5 servers
- gogetsms
- apisim
- 4 luxury cars
- $502,000 in bank accounts
- $310,000 in cryptocurrency
They also released a badass video
The suspects apprehended were allegedly responsible for over 1,700 fraud cases in Austria and over 1,500 in Latvia, amounting to damages exceeding €4,900,000.
The services they provided allowed people to perform phishing and social engineering campaigns.
Cool infrastructure+
Yesterday I spazzed out for a bit about malware terminology. Now that I'm calm (I've had my morning coffee, a delicious sandwich, and my yummy cigarettes) let's have a conversation about malware nomenclature.
Educational material in regard to malware, specifically in schools, is painfully outdated and is in desperate need of being updated.
It's not uncommon for schools to list the generic, broad, vague, and ambiguous terms for malware being (something along the lines of): Adware, Spyware, Ransomware (NEW!), Backdoor, Trojan, Rootkit, and Worm. Sometimes they'll sprinkle in something like "Zip Bomb" or "0day".
All of these terms heavily overlap with each other. It is entirely possible for something to be a "backdoor" while also simultaneously being a "trojan" "rootkit".
These terms are fossils from the 1990's, early 2000's, and don't accurately reflect how modern malware works.
Proposed update:
- Stager
- Loader
- Module
- Ransomware
- Stealer
- Drainer
- Wiper
- RAT
- ???
Each should also note the motive of the malware (state-sponsored, financially motivated, "troll", or hacktivist).
A large VPN provider reached out to me.
They were wanting to do some stuff together to reach the cybersecurity audience, or something.
The primary reason I don't do ads, while I very much enjoy having money, is because I can't in good faith recommend a product to my audience which I cannot in totality stand behind.
vx-underground's success is partially due to transparency, honesty, admitting mistakes, and willingness to accept fault and/or responsibility.
I believe there is a shift in the VPN-sphere where some providers are trying to capture a more cybersecurity-attentive audience.
That's cool. Do your thing homie. I understand the VPN business is rough and your company is always on the grind to make money. No hate.
However, I can't deceive my audience because they're the only reason I have success.
Thank you for the love and support despite my many (MANY) faults, mistakes, typos, repetitive corrections and updates, unnecessarily crass tone when writing, failed and/or abandoned vx-underground experiments, etc.
I have no idea what the fuck I'm doing and why so many people follow this account. But we're riding this bitch, dawg
Ride and die malware (I'm scared and confused)
Anyway, now that I'm done virtue signaling and pretending I'm all high and mighty, here is a new formula I'm experimenting with.
I'll be pushing updates to the "Updates" directory. It has cool and badass ASCII art like old VXUG
https://vx-underground.org/Updates
No, vx-underground is not associated with any cryptocurrencies. I don't know why people keep asking.
I'm not a cryptocurrency nerd.
I (very sincerely) don't even understand how it works. I perceive it as imaginary internet money that nerds use for nerd stuff.
Want to stop cybercrime tomorrow? Simple. Decriminalize cybercrime.
Can't be a crime if it's not illegal
Think smarter not harder
Nintendo wanted to do an advertisement on the Switch and FOX News Milwaukee, Wisconsin, jumped the gun and went doomer mode on bro
Hello,
More updates have been pushed. Look at it, enjoy the spoopy ASCII art.
https://vx-underground.org/Updates
Yo this z3bra dude is fuckin COOKIN
Holy guacamole bro
https://www.unknowncheats.me/forum/anti-cheat-bypass/718917-elysium-uefi-bootkit-framework-attacks-boot-time-code-integrity.html
> "Satya Nadella says as much as 30% of Microsoft code is written by AI"
We're under a massive DDoS attack.
Oh no! Now I can't work! I guess that means all I can do is schizo post on social media and play video games!