# ![@vxunderground Avatar](https://lunarcrush.com/gi/w:26/cr:twitter::1158139840866791424.png) @vxunderground vx-underground

VX-Underground, a community related to cybersecurity and malware, has been impacted by a series of events. Notably, one of its key figures, Kayos (also known as @yunginnanet), has passed away, which has been met with tributes from the community. Additionally, the site has faced technical issues, including a DDoS attack and a temporary shutdown of its malware exchange due to limited resources.

### Engagements: [---------] [#](/creator/twitter::1158139840866791424/interactions)
![Engagements Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1158139840866791424/c:line/m:interactions.svg)

- [--] Week [---------] -66%
- [--] Month [----------] +34%
- [--] Months [-----------] +189%
- [--] Year [-----------] +38%

### Mentions: [---] [#](/creator/twitter::1158139840866791424/posts_active)
![Mentions Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1158139840866791424/c:line/m:posts_active.svg)

- [--] Week [---] +16%
- [--] Month [---] -6.20%
- [--] Months [-----] +118%
- [--] Year [-----] +50%

### Followers: [-------] [#](/creator/twitter::1158139840866791424/followers)
![Followers Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1158139840866791424/c:line/m:followers.svg)

- [--] Week [-------] +0.82%
- [--] Month [-------] +4.30%
- [--] Months [-------] +14%
- [--] Year [-------] +21%

### CreatorRank: [------] [#](/creator/twitter::1158139840866791424/influencer_rank)
![CreatorRank Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1158139840866791424/c:line/m:influencer_rank.svg)

### Social Influence

**Social category influence**
[technology brands](/list/technology-brands)  [countries](/list/countries)  [social networks](/list/social-networks)  [stocks](/list/stocks)  #651 [finance](/list/finance)  #1042 [gaming](/list/gaming)  #1323 [celebrities](/list/celebrities)  [cryptocurrencies](/list/cryptocurrencies)  [travel destinations](/list/travel-destinations)  [automotive brands](/list/automotive-brands) 

**Social topic influence**
[united states](/topic/united-states), [microsoft](/topic/microsoft) #1786, [money](/topic/money) #284, [ai](/topic/ai), [twitter](/topic/twitter), [discord](/topic/discord) #340, [has been](/topic/has-been), [telegram](/topic/telegram), [youtube](/topic/youtube), [dawg](/topic/dawg) #15

**Top accounts mentioned or mentioned by**
[@404mediaco](/creator/undefined) [@grok](/creator/undefined) [@0megalvl3vent](/creator/undefined) [@icesolst](/creator/undefined) [@torguard](/creator/undefined) [@tracketpacer](/creator/undefined) [@ddd1ms](/creator/undefined) [@protonprivacy](/creator/undefined) [@cyberwarfarelab](/creator/undefined) [@13360ffby0ne](/creator/undefined) [@intcyberdigest](/creator/undefined) [@phrack](/creator/undefined) [@jcatblackhat](/creator/undefined) [@bleepincomputer](/creator/undefined) [@malcoreio](/creator/undefined) [@johnhammond](/creator/undefined) [@mqudsi](/creator/undefined) [@alvierid](/creator/undefined) [@vxdb](/creator/undefined) [@hackingdave](/creator/undefined)

**Top assets mentioned**
[Microsoft Corp. (MSFT)](/topic/microsoft) [Alphabet Inc Class A (GOOGL)](/topic/$googl) [Crowdstrike Holdings Inc (CRWD)](/topic/crowdstrike) [CyberConnect (CYBER)](/topic/cyber) [Cloudflare, Inc. (NET)](/topic/cloudflare) [Coinbase Global Inc. (COIN)](/topic/coinbase) [Bitcoin (BTC)](/topic/bitcoin) [Uber Technologies, Inc. (UBER)](/topic/$uber)
### Top Social Posts
Top posts by engagements in the last [--] hours

"Want vx-underground merchandise Want to support malware researchers Want to own a t-shirt that'll scare your GrandMother and BestBuy employees Sunday @Nico_n_art will be launching her web store. A portion of vx-underground t-shirt proceeds supports us. More info coming soon"  
[X Link](https://x.com/vxunderground/status/1326949016576339968)  2020-11-12T18:04Z 336K followers, [---] engagements


"We've made additions to the vx-underground malware source code repository on GitHub. Image attached shows the source codes added. - [--] Bootkit - 1Mirai variant - 10+ generic botnets / crimewares Check it out here: https://github.com/vxunderground/MalwareSourceCode https://github.com/vxunderground/MalwareSourceCode"  
[X Link](https://x.com/vxunderground/status/1329321586873294848)  2020-11-19T07:12Z 368K followers, [--] engagements


"REvil is extorting @Apple and Quanta Computer Inc. "In order not to wait for the upcoming Apple presentations today we the REvil group will provide data on the upcoming releases of the company so beloved by many. Tim Cook can say thank you Quanta.""  
[X Link](https://x.com/vxunderground/status/1384529044323008521)  2021-04-20T15:27Z 355.8K followers, [---] engagements


"Babuk ransomware group has opened up a FORUM titled 'RAMP:)'. Opening post + rules states: * A community for ransomware developers * Designed to stop RaaS scammers * Site rule states no one can target RU territory * RAMP:) claims to have no relation to Babuk ()"  
[X Link](https://x.com/vxunderground/status/1414588622670532616)  2021-07-12T14:13Z 367.5K followers, [---] engagements


"RAMP (Ransomware Anonymous Marketplace) formerly known as Babuk are plotting to breach the @USChamber This is the same group who successfully ransomed the DC Police in May [----] * Screenshot from their private forum * Thanks to @pancak3lullz for sharing this with us"  
[X Link](https://x.com/vxunderground/status/1430618609684992013)  2021-08-25T19:50Z 367.5K followers, [---] engagements


"CVE-2021-44832"  
[X Link](https://x.com/vxunderground/status/1475885954477006857)  2021-12-28T17:46Z 361.5K followers, [---] engagements


"@threatpost You forgot to put a space between the text and the hyperlink. Link: https://threatpost.com/ta2541-apt-rats-aviation/178422/ https://threatpost.com/ta2541-apt-rats-aviation/178422/"  
[X Link](https://x.com/vxunderground/status/1493595790694043654)  2022-02-15T14:39Z 367.5K followers, [--] engagements


"Robux the virtual currency used in the video game @Roblox is valued at $0.0125 The Russian Ruble as of 2:50AM EST is valued at $0.0092"  
[X Link](https://x.com/vxunderground/status/1498204359850704904)  2022-02-28T07:52Z 338.9K followers, [---] engagements


"@LawrenceA_UK @_IntelligenceX A relayed message from our attorney to you:"  
[X Link](https://x.com/vxunderground/status/1498231722911150081)  2022-02-28T09:40Z 367.6K followers, [--] engagements


"February 28th we shared details on Belarusian Cyber-Partisan groups (@cpartisans) attack on Belarusian Railway infrastructure. Despite the attack occuring [--] days ago individuals in Belarus are still unable to purchase tickets online. Footage has surfaced of the train queues"  
[X Link](https://x.com/vxunderground/status/1499397311700500489)  2022-03-03T14:52Z 335.9K followers, [---] engagements


"Very cool thanks @Avast"  
[X Link](https://x.com/vxunderground/status/1504855820500144139)  2022-03-18T16:22Z 346K followers, [---] engagements


"@okta This is our 3rd attempt at sharing the 5th - 8th photo. LAPSUS$ displayed a lot of sensitive information and/or user information so much so we end up missing to censor some. Photos [--] - [--] attached below"  
[X Link](https://x.com/vxunderground/status/1506117725571137536)  2022-03-22T03:57Z 335.8K followers, [---] engagements


"@Supermathie @okta In this particular case yes. LAPSUS$ addressed the URL"  
[X Link](https://x.com/vxunderground/status/1506118452720939008)  2022-03-22T03:59Z 336K followers, [--] engagements


"We've added a new paper to the vx-underground papers collection: "The Old Switcheroo: Hiding Code on Rockwell Automation PLCs". This is a small writeup from Team82 regarding CVE-2022-1161 & CVE-2022-1159 on Rockwell PLCs. Check it out here: https://www.vx-underground.org/other.html https://www.vx-underground.org/other.html"  
[X Link](https://x.com/vxunderground/status/1513513370166734848)  2022-04-11T13:44Z 335.9K followers, [---] engagements


"Conti ransomware group continues to mock and taunt the entire country of Costa Rica. Conti also calls the Biden administration terrorists"  
[X Link](https://x.com/vxunderground/status/1525463875872870400)  2022-05-14T13:11Z 336K followers, [---] engagements


"Conti has updated their message regarding Costa Rica"  
[X Link](https://x.com/vxunderground/status/1525496746507481088)  2022-05-14T15:22Z 335.9K followers, [--] engagements


"Something something malware insert meme here Have a nice day"  
[X Link](https://x.com/vxunderground/status/1530201085197144066)  2022-05-27T14:55Z 367.6K followers, [---] engagements


"Today an unidentified individual using the decentralized autonomous organization (DAO) "Decentral Bank" attempted to swap $5 USN (USD stablecoin) for Tether. The transaction "failed" but the user ended up receiving $10000000000000. More info: https://www.theblock.co/post/156328/decentral-bank-fixes-bug-that-let-one-user-mint-10-trillion-usn-for-just-10 https://www.theblock.co/post/156328/decentral-bank-fixes-bug-that-let-one-user-mint-10-trillion-usn-for-just-10"  
[X Link](https://x.com/vxunderground/status/1545222065640325121)  2022-07-08T01:43Z 336.1K followers, [---] engagements


"Earlier today " Live" reported pro-Russian hacker groups Killnet Anonymous Russia and CarbonSec had successfully breached Lockheed Martin exfiltrated data and disabled their security badges. Their evidence of this breach is a CloudFlare [---] message. 🧐"  
[X Link](https://x.com/vxunderground/status/1557401735383097347)  2022-08-10T16:21Z 377.3K followers, [---] engagements


"Yanluowang ransomware group claims to have breached Cisco. Intel and images provided via @Gi7w0rm"  
[X Link](https://x.com/vxunderground/status/1557450910741286912)  2022-08-10T19:36Z 336.1K followers, [---] engagements


"@Gi7w0rm Update: per @BleepinComputer and @Cisco representatives this is a real breach. More info here: https://www.bleepingcomputer.com/news/security/cisco-hacked-by-yanluowang-ransomware-gang-28gb-allegedly-stolen/ https://www.bleepingcomputer.com/news/security/cisco-hacked-by-yanluowang-ransomware-gang-28gb-allegedly-stolen/"  
[X Link](https://x.com/vxunderground/status/1557469580020301829)  2022-08-10T20:50Z 335.8K followers, [---] engagements


"Lockbit ransomware group ransomed Entrust. Following the breach Lockbit ransomware group was hit with a massive DDoS attack - taking them offline for several days. Entrust data is now being distributed on the infamous clearnet forum Breached. We've seen that photo before 😂"  
[X Link](https://x.com/vxunderground/status/1562839055158558720)  2022-08-25T16:27Z 335.9K followers, [---] engagements


"We've made some large updates to vx-underground - 16+ new APT papers + samples - New ICS/SCADA malware papers - New Advanced Malware papers - New Malware Family additions Please see attached images for details. Check it out here: https://www.vx-underground.org/ https://www.vx-underground.org/"  
[X Link](https://x.com/vxunderground/status/1563464867176075267)  2022-08-27T09:54Z 335.8K followers, [---] engagements


"11.84GB of United States Military Contractor and Military Reserve data has been leaked. We suspect (the now defunct) Conti ransomware group is distributing United States Military data they acquired when they breached Puerto Rico"  
[X Link](https://x.com/vxunderground/status/1566048747641085953)  2022-09-03T13:01Z 359.5K followers, [----] engagements


"HIVE ransomware group has ransomed Tata Power a multi-billion dollar electric utility company based in Mumbai India. Tata's confirmed the breach. Customers and sensitive data are effected but core functionality is present and customers still have electricity"  
[X Link](https://x.com/vxunderground/status/1584729037653803014)  2022-10-25T02:10Z 334.6K followers, [---] engagements


"Lockbit ransomware group issued a public apology to SickKids. SickKids is a Canadian based hospital and ranked #1 for Pediatric healthcare. December 29th [----] the pediatric hospital was ransomed. Lockbit has issued the decryptor for free and has allegedly fired the affiliate"  
[X Link](https://x.com/vxunderground/status/1609261929855320067)  2022-12-31T18:55Z 380K followers, 478.8K engagements


"Bitcoin developer Luke Dashjr claims his PGP key has been compromised - claims to have lost roughly 200BTC or $3341700.00"  
[X Link](https://x.com/vxunderground/status/1609969671179993088)  2023-01-02T17:47Z 343.3K followers, 241.5K engagements


"@Fortinet We said it was a leak but we never said what type of leak. Haha just teasing Fortinet and Threat Intelligence:)"  
[X Link](https://x.com/vxunderground/status/1611456225098473486)  2023-01-06T20:14Z 336.1K followers, 45.6K engagements


"Grand Theft Auto V has been assigned CVE-2023-24059 for containing a partial Remote Code Execution exploit More information: Grand Theft Auto Online community discussion: https://www.reddit.com/r/gtaonline/comments/10hsosu/mass_reporting_the_dangerous_pc_exploit/ https://cve.mitre.org/cgi-bin/cvename.cginame=CVE-2023-24059 https://www.reddit.com/r/gtaonline/comments/10hsosu/mass_reporting_the_dangerous_pc_exploit/ https://cve.mitre.org/cgi-bin/cvename.cginame=CVE-2023-24059"  
[X Link](https://x.com/vxunderground/status/1617412298817130500)  2023-01-23T06:41Z 335.9K followers, 60.4K engagements


"January 18th: Microsoft announces [-----] employees will be terminated January 23rd: Microsoft to invest $10000000000 into ChatGPT"  
[X Link](https://x.com/vxunderground/status/1617590143702933504)  2023-01-23T18:28Z 335.9K followers, 453.1K engagements


"We managed to get our hands on a Samjiyon Tablet from the Democratic People's Republic of Korea (DPRK) a.k.a. North Korea. These are not sold to foreigners"  
[X Link](https://x.com/vxunderground/status/1621123485614608385)  2023-02-02T12:28Z 336K followers, 351.8K engagements


"Modern day cyber security explained featuring: - Reddit - Microsoft (Bing) - Rockstar Games - NVIDIA - Okta - Uber - Ubisoft - Samsung - Riot Games"  
[X Link](https://x.com/vxunderground/status/1623874261738815492)  2023-02-10T02:39Z 336K followers, 151.6K engagements


"The era of pink-uwu-vx-underground has ended. We have returned to the 16-bit-satanic-dark-art-vx-underground"  
[X Link](https://x.com/vxunderground/status/1629055840354242563)  2023-02-24T09:49Z 349K followers, 126.3K engagements


"The International Criminal Court (ICC) has issued an arrest warrant for Russian President Vladimir Putin More Information: https://www.reuters.com/world/europe/icc-judges-issue-arrest-warrant-against-putin-over-alleged-war-crimes-2023-03-17 https://www.reuters.com/world/europe/icc-judges-issue-arrest-warrant-against-putin-over-alleged-war-crimes-2023-03-17"  
[X Link](https://x.com/vxunderground/status/1636752882673283072)  2023-03-17T15:34Z 335.9K followers, 47.8K engagements


"In the year [----] you have both Whitehat and Blackhat training courses. SANS Training Course: $4000 - $9000 Bassterlord (National Hazard Agency) Course: $10000 *Bassterlord is a known Lockbit affiliate"  
[X Link](https://x.com/vxunderground/status/1640171133562413056)  2023-03-27T01:57Z 335.9K followers, 122.4K engagements


"The reviews are nuts. "This book helped me ransom a SpaceX contractor""  
[X Link](https://x.com/vxunderground/status/1640172001531764738)  2023-03-27T02:00Z 335.8K followers, 34.4K engagements


"The recently released Binance court documents are absolutely insane tl;dr acknowledge terrorists use it to launder money openly forge reports indifferent to cyber crime"  
[X Link](https://x.com/vxunderground/status/1640715614686965764)  2023-03-28T14:01Z 335.8K followers, 96.3K engagements


"Earlier today @CrowdStrike reported a supply chain attack targeting the 3CX Voice Over Internet Protocol (VOIP) Windows desktop client. - [------] companies use it - [--------] users - @Sophos has identified a MacOS variant infected - Currently attributed to Lazarus Group"  
[X Link](https://x.com/vxunderground/status/1641249699746267138)  2023-03-30T01:23Z 335.9K followers, 208.1K engagements


"@CrowdStrike @Sophos Prior to @CrowdStrike's report - customers went to the 3CX forums expressing concerns that EDRs were reporting suspicious activity. EDRs from @CrowdStrike @ESET @PaloAltoNtwks and @SentinelOne flagged the binary. 3CX said they were wrong. Images via @malwrhunterteam"  
[X Link](https://x.com/vxunderground/status/1641251019840471040)  2023-03-30T01:28Z 336K followers, 50K engagements


"Genesis market the infamous initial access brokerage forum has been seized by the United States Department of Justice in cooperation with EUROPOL in what was named "Operation Cookie Monster""  
[X Link](https://x.com/vxunderground/status/1643327842065739779)  2023-04-04T19:01Z 339K followers, 151.6K engagements


"The United States Department of Justice has released documents regarding the Genesis Market domain seizure. The FBI got a copy of the Genesis Market backend December 9th [----]. They were able to get usernames passwords emails Jabber accounts BTC addresses etc"  
[X Link](https://x.com/vxunderground/status/1643710191345577986)  2023-04-05T20:20Z 344.7K followers, 54.7K engagements


"AtlasOS a modified version of Windows [--] is being discussed on YouTube. AtlasOS is described as a "transparent and streamlined modification of Windows". AtlasOS is designed for gamers. To improve Windows they have removed Windows Defender Restore Points and Security Updates"  
[X Link](https://x.com/vxunderground/status/1650885099335094272)  2023-04-25T15:30Z 337K followers, 1.6M engagements


"Following PornHub's block on internet traffic in Utah something very strange is happening according to Google 🤔"  
[X Link](https://x.com/vxunderground/status/1653509345261531140)  2023-05-02T21:18Z 341.6K followers, 493.1K engagements


"Individuals in France are having problems accessing Telegram links. When they try to visit a Telegram URL they receive an image from their ISP that the URL contains child pornography. Image [--]. Original message Image [--]. English translation Image via @Hugo_Miskine"  
[X Link](https://x.com/vxunderground/status/1657179544430731274)  2023-05-13T00:22Z 335.9K followers, 2.2M engagements


"A Threat Actor named "KyivWarrior" claims to be the individual responsible for the Dragos breach. They also claim to have persistent access to Dragos. KyivWarrior has not stated which ransomware group they belong to. *Name faces and details have been censored"  
[X Link](https://x.com/vxunderground/status/1658165550974115844)  2023-05-15T17:40Z 265.4K followers, 59.1K engagements


"Change your Steam ID to include the word "antidisestablishmentarianism". Steam server provider Akamai bans the word. However Steam does not. The word will (almost) destroy your Steam profile. More information: https://www.youtube.com/watchv=l8mvWiNs30M https://www.youtube.com/watchv=l8mvWiNs30M"  
[X Link](https://x.com/vxunderground/status/1661071611905339392)  2023-05-23T18:08Z 350.9K followers, 75.2K engagements


"We are giving away [--] free ticket to BlackHat USA [----] Our friends at @MITREattack (@coolestcatiknow and Kate Esprit) have presented us with this opportunity. They're great people. *Comment with your best meme for a chance to win *Ticket DOES NOT include hotel travel food etc"  
[X Link](https://x.com/vxunderground/status/1666525598053814285)  2023-07-13T03:53Z 265.5K followers, 94.7K engagements


"Topor Live a large Telegram-based news outlet based out of Russia with over 3.9M followers reported that REvil Anonymous Sudan and Killnet are going to take down the European banking system in [--] hours. Following this attack Linus Torvalds will switch to Windows"  
[X Link](https://x.com/vxunderground/status/1669034104619245587)  2023-06-14T17:28Z 366.6K followers, 492K engagements


"Killnet the ghost of REvil past and Anonymous Sudan announced in the [--] hours they would go 110% Mr. Robot and take down the European banking system or something [--] hours are remaining. We're half way there"  
[X Link](https://x.com/vxunderground/status/1669405843526172683)  2023-06-15T18:05Z 324.6K followers, 149.7K engagements


"Mark Zuckerberg has agreed to fight Elon Musk in a cage fight (). This is not satire. Elon Musk agreed to fight Mark Zuckerberg. Mark Zuckerberg replied on Instagram "Send me location" a reference to Russian MMA fight Khabib Nurmagomedov challenging Conor McGregor at UFC 229"  
[X Link](https://x.com/vxunderground/status/1671890551640317954)  2023-06-22T14:39Z 344.2K followers, 88.7K engagements


"Dana White President of the UFC has been working day and night to arrange an Elon Musk vs. Mark Zuckerberg fight. He believes the fight could make billions of dollars. He doesn't seem to understand that you can watch nerds fight for free on Infosec Twitter"  
[X Link](https://x.com/anyuser/status/1674539508300120064)  2023-06-29T22:08Z [--] followers, 52.7K engagements


"@TheFinalHop Yeah pretty accurate assessment especially nerds discussing the ethics of the website. We hope the website serves some value to you. Have a nice day"  
[X Link](https://x.com/vxunderground/status/1674595623138369537)  2023-06-30T01:48Z 265.5K followers, [--] engagements


"National Hazard Agency a sub-clique of Lockbit ransomware group has ransomed TSMC (Taiwan Semiconductor Manufacturing Company). The company has an estimated annual revenue of $57220000000. National Hazard Agency is ransoming them for $70000000"  
[X Link](https://x.com/vxunderground/status/1674664082065043456)  2023-06-30T06:20Z 320K followers, 285.4K engagements


"National Hazard Agency the sub-clique of Lockbit ransomware group responsible for the TSMC (Taiwan Semiconductor Manufacturing Company) ransomware attack has shared more photos of the compromise. Their demand for $70000000 makes this one of the largest ransoms of all time"  
[X Link](https://x.com/vxunderground/status/1674782166679703554)  2023-06-30T14:09Z 320K followers, 49.1K engagements


"FeelsBadMan.exe"  
[X Link](https://x.com/vxunderground/status/1675602429704826881)  2023-07-03T16:17Z 265.4K followers, [----] engagements


"Tigo a live video and chatting app for Android and iPhone accidentally exposed 100000000+ user messages online. The app is mostly known for dating & for dudes being thirsty. Images and information via @silascutler"  
[X Link](https://x.com/vxunderground/status/1676666580049055748)  2023-07-05T18:57Z 336.8K followers, 59K engagements


"Inspired by our friend @SPTHvx let's review a collection of malware author interviews from the 80s 90s and 2000s. In these interviews the interviewer asked "what do you think the future of malware looks like". Let's open a time capsule on a Saturday night =D"  
[X Link](https://x.com/vxunderground/status/1677870384824164353)  2023-07-09T10:33Z 265.4K followers, 95.1K engagements


"@SPTHvx [--]. Pockets in late [----] He predicts that cross-platform malware will be a new and emerging threat"  
[X Link](https://x.com/vxunderground/status/1677874395547615233)  2023-07-09T02:59Z 265.4K followers, [----] engagements


"@SPTHvx [--]. LovingGod March [----] He predicts internet worms and artificial intelligence will have more power. He predicts malware will turn into weapons"  
[X Link](https://x.com/vxunderground/status/1677874857256665089)  2023-07-09T02:59Z 265.4K followers, [----] engagements


"Arion Kurtaj the teenager alleged to be tied to multiple breaches including Uber Rockstar Games and more has been deemed not fit to stand trial. The court assessment believes Mr. Kurtaj is unable to understand court proceedings. More information:"  
[X Link](https://x.com/vxunderground/status/1678810908875685901)  2023-07-11T21:48Z 265.4K followers, 87.9K engagements


"vx-underground will be hosting a virtual conference. This virtual conference will charge $25 to view. We will NOT profit from this virtual conference in any manner. All proceeds will be going to charity. We are issuing a call of papers and presenters. Date: November 3rd 2023"  
[X Link](https://x.com/vxunderground/status/1678954895645241345)  2023-07-12T02:41Z 265.3K followers, 75.1K engagements


"ALPHV ransomware group claims to have ransomed Maruchan the company that creates instant noodles. This is an attack against weeb critical infrastructure"  
[X Link](https://x.com/vxunderground/status/1679128724489289728)  2023-07-12T15:12Z 265.5K followers, 123.8K engagements


"cl0p ransomware group claims a new series of victims from their MoveIT spray-n-pray campaign most notably this list includes Honeywell and AMC theaters Have a nice Wednesday"  
[X Link](https://x.com/vxunderground/status/1679130438021808130)  2023-07-12T14:08Z 254.8K followers, 23.7K engagements


"*sign in to twitter* more large companies ransomed *scroll* more critical RCEs *scroll* nerd fight *scroll* more crypto scams *scroll* *scroll*"  
[X Link](https://x.com/vxunderground/status/1681318169213014018)  2023-07-19T23:27Z 265.3K followers, 48K engagements


"An unknown individual used artificial intelligence to create a short firm with the central theme being 'ducks'. All visuals and audio were AI generated. It is a nightmare come alive"  
[X Link](https://x.com/vxunderground/status/1681731354549993484)  2023-07-19T18:22Z 348.8K followers, 153.8K engagements


"Our deepest condolences to the friends family and colleagues of Mr. Kevin Mitnick"  
[X Link](https://x.com/vxunderground/status/1681832666054774786)  2023-07-20T01:33Z 265.5K followers, 226.8K engagements


"cl0p ransomware group made a clearnet domain to distribute stolen files from PwC. The files download at 90KB/s. cl0p how is anyone going to verify GB (or TB) of stolen data at 90KB/s"  
[X Link](https://x.com/vxunderground/status/1681871783404748801)  2023-07-20T03:40Z 344K followers, 125.1K engagements


"In the past month nerds have been complaining of a worm on @Activision's MW2 A shared sample shows a sideloaded 32bit dsound.dll with some silly strings. It hooks DirectSoundCreate8 and then begins to work We have only briefly skimmed the file. We'll share the sample"  
[X Link](https://x.com/vxunderground/status/1684668732868644864)  2023-07-27T20:55Z 265.5K followers, [---] engagements


"Another group is once again threatening Israel. "Cyber Av3ngers""  
[X Link](https://x.com/vxunderground/status/1685042723701604352)  2023-07-28T21:41Z 265.4K followers, [---] engagements


"Montclair a township within the State of New Jersey was a victim of ransomware. However the Mayor reports it had "negotiated a settlement of $450000" with the attackers"  
[X Link](https://x.com/vxunderground/status/1686129918386565122)  2023-08-02T08:16Z 265.8K followers, 61K engagements


"Bram Moolenaar the author of Vim text editor passed away Thursday August 3rd [----]. He was 62"  
[X Link](https://x.com/vxunderground/status/1687955343593058305)  2023-08-05T22:34Z 265.4K followers, 115K engagements


"Ever wanted to make dispatch re-route patients Ever want to make physicians reschedule surgeries Ever want to make children die because the Mother is going into labor and network communications are down Then join the TrendMicro "Hack a Hospital" CTF😎 Image via @rootsecdev"  
[X Link](https://x.com/vxunderground/status/1688302921371267072)  2023-08-06T21:35Z 265.4K followers, 124.2K engagements


"Kaspersky sells the sickest merch in Russia. They're currently selling a "Kaspersky Heavy Metal" logo shirt for $10.08"  
[X Link](https://x.com/vxunderground/status/1689114890538033152)  2023-08-09T03:22Z 265.4K followers, 46.1K engagements


"Local media outlets in Las Vegas are reporting that The Sphere at The Venetian Resort is now displaying Christmas Themes. It is alleged that attendee's from the DEFCON security conference may be actively trying to hack the sphere. Footage via @MattWallace1701"  
[X Link](https://x.com/vxunderground/status/1689316027278979072)  2023-08-09T16:41Z 265.4K followers, 170.8K engagements


"X context doing us a favor today. We made a subsequent tweet regarding the Sphere in Las Vegas that was completely ignored. Thank you for making that more visible"  
[X Link](https://x.com/vxunderground/status/1689472906554658816)  2023-08-10T03:05Z 265.4K followers, [----] engagements


"One of our members ran into some dude at Defcon wearing one of our shirts. Thank you random guy for supporting us"  
[X Link](https://x.com/vxunderground/status/1689733381708218369)  2023-08-10T20:20Z 265.4K followers, 83.6K engagements


"vx-underground was founded May [----]. The Twitter account was created August [----]. It's been [--] years and people still ask for the password. [--] YEARS"  
[X Link](https://x.com/vxunderground/status/1689739200646578176)  2023-08-10T20:43Z 265.4K followers, 200.1K engagements


"We received an e-mail from a compromised Indian government e-mail address. The Threat Actor sent an image of an allegedly compromised ATF (The United States Bureau of Alcohol Tobacco Firearms and Explosives) employee account. We don't know if it's real. _()_/"  
[X Link](https://x.com/vxunderground/status/1689878762068828160)  2023-08-11T05:57Z 265.3K followers, 64.4K engagements


"We have begun receiving e-mails from compromised government e-mail addresses 😭"  
[X Link](https://x.com/vxunderground/status/1690019517856882688)  2023-08-11T15:17Z 265.4K followers, 92.8K engagements


"Over the past [--] hours we have received dozens of e-mails from compromised government e-mail addresses. This is a clear illustration of how easy it is for Threat Actors to get access to legitimate e-mails to social engineer people (or corporations)"  
[X Link](https://x.com/vxunderground/status/1690330814427365376)  2023-08-12T11:54Z 265.4K followers, 83.2K engagements


"A new combatant has entered the arena. This individual e-mailed us from a compromised United States government e-mail. They also wanted to provide to message to the other individuals e-mailing us. Image [--] & [--] is e-mail Image [--] is headers for nerds screaming spoof at us"  
[X Link](https://x.com/vxunderground/status/1690354842668081152)  2023-08-12T13:29Z 336.2K followers, 99.5K engagements


"Thank you to our amazing friend and colleague @lauriewired for the mysterious floppy and cool Pokemon card. However it is [----] and we do not have anything to view this"  
[X Link](https://x.com/vxunderground/status/1690588133367189504)  2023-08-13T04:56Z 265.4K followers, 65.6K engagements


"Today Raccoon Stealer announced their return. The Raccoon Stealer team informed us that the individual from their team arrested in October [----] was responsible for infrastructure. Following his arrest they decided to rebuild the entire infrastructure from scratch"  
[X Link](https://x.com/vxunderground/status/1691175828607111171)  2023-08-14T19:51Z 265.3K followers, 48K engagements


"You may not like it but this is what supreme intellect looks like. This individual single handedly unveiled an NSA or CIA operation. It is 100% not a shared hosting server for WordPress installations owner by HostGator"  
[X Link](https://x.com/vxunderground/status/1691298349238861824)  2023-08-15T03:58Z 265.4K followers, 435.1K engagements


"When you become a Lockbit ransomware affiliate this is what the affiliate panel looks like. - StealBit - LockBit RED - LockBit GREEN - LockBit BLACK - Linux/ESXi - Chat generation"  
[X Link](https://x.com/vxunderground/status/1691478108912644096)  2023-08-15T15:53Z 265.4K followers, 47.1K engagements


"AnonFiles the anonymous file upload and sharing website has decided to call it a quits today. When attempting to visit their website you are greeted with a farewell message. Thank you for your service AnonFiles. It was a helluva website. Information via @g0njxa"  
[X Link](https://x.com/vxunderground/status/1691867521912066205)  2023-08-16T17:40Z 265.3K followers, 180.3K engagements


"Leaked footage of FBI agents celebrating the indictment of ransomware actors"  
[X Link](https://x.com/vxunderground/status/1692076896463593737)  2023-08-17T07:32Z 265.4K followers, 29.3K engagements


"We've updated the vx-underground malware sample collection. We've added Win32.4943GeopBytes.Bomb. This zip bomb when opened it extracts to [----] Geopbytes - Byte - Megabyte - Gigabyte - Terabyte - Petabyte - Exabyte - Zettabyte - Yottabyte - Brontobyte - Geopbyte 🥵🥵"  
[X Link](https://x.com/vxunderground/status/1692230875537146285)  2023-08-17T17:44Z 265.5K followers, 89.7K engagements


"Basssterlord (also known as @AL3xL7 on Twitter) is an internationally wanted cyber criminal known Lockbit ransomware group affiliate and leader of the infamous "National Hazard Agency" group (a subgroup of Lockbit). He is publicly offering to pentest companies"  
[X Link](https://x.com/vxunderground/status/1692288607531192663)  2023-08-17T21:33Z 265.4K followers, 37.2K engagements


"8base ransomware group used the now defunct AnonFiles as a backup mirror for all of their stolen (or ransomed) data from victims. Due to the site going down 8base has admitted they are now encountering problems"  
[X Link](https://x.com/vxunderground/status/1692290901203181977)  2023-08-17T21:42Z 336K followers, 56.3K engagements


"In April we spoke with ALPHV ransomware group and shared information on their new strain labeled "Sphynx". Today Microsoft announce they "observed" a new version of ALPHV. How is our small group with no money getting intel faster than a billion dollar company"  
[X Link](https://x.com/vxunderground/status/1692312621477777519)  2023-08-17T23:09Z 265.4K followers, 79K engagements


"We are currently building the new vx-underground backend servers"  
[X Link](https://x.com/vxunderground/status/1692652608228384978)  2023-08-18T21:40Z 255.3K followers, 69.6K engagements


"Update on building the new vx-underground backend server: things are getting weird"  
[X Link](https://x.com/vxunderground/status/1692715833464627490)  2023-08-19T01:51Z 245.8K followers, 141.7K engagements


"New vx-underground backend is up. The issue was resolved using [--] fl oz of grape juice half a cup of pure cane sugar and .40 oz of Fleischmann's RapidRise Yeast"  
[X Link](https://x.com/vxunderground/status/1692901769511096830)  2023-08-19T14:10Z 255.6K followers, 26.8K engagements


"@Laughing_Mantis Go for it. We already have dozens of sites selling our merch and book without our consent _()_/"  
[X Link](https://x.com/vxunderground/status/1693691268990144688)  2023-08-21T18:27Z 265.5K followers, [----] engagements


"A Threat Actor identified a bug in the Duolingo API. Sending a valid email to the API returns generic account information on the user (name email languages studied). They used an email list to assemble over 2.6m unique entries. This will be used for doxxing"  
[X Link](https://x.com/vxunderground/status/1693742275145150927)  2023-08-21T21:50Z 265.4K followers, 102K engagements


"We would like to express our condolences to Blue Teamers. Microsoft has announced Microsoft Excel will now support Python. More information: https://techcommunity.microsoft.com/t5/microsoft-365-blog/introducing-python-in-excel-the-best-of-both-worlds-for-data/ba-p/3905482 https://techcommunity.microsoft.com/t5/microsoft-365-blog/introducing-python-in-excel-the-best-of-both-worlds-for-data/ba-p/3905482"  
[X Link](https://x.com/vxunderground/status/1693983499370541244)  2023-08-22T13:48Z 336K followers, 264.8K engagements


""Ransomed VC" a new extortion group weaponizes European GDPR (General Data Protection Laws). This group compromises websites then extorts the company by threatening them with GDPR fines. GDPR fines are $10000000 or 2% of the companies annual revenue"  
[X Link](https://x.com/vxunderground/status/1694376012497228176)  2023-08-23T15:48Z 308.1K followers, 68.5K engagements


".@RaytheonTech you left an API key exposed in your GitHub. Please don't shoot us with your BGM-109 Tomahawk cruise missile or your AGM-176 Griffin air-to-surface missile :("  
[X Link](https://x.com/vxunderground/status/1694454609056506086)  2023-08-23T21:00Z 265.4K followers, 150.4K engagements


"Facebook privacy policy settings image via /g/"  
[X Link](https://x.com/vxunderground/status/1694724754274709724)  2023-08-24T14:54Z 253.8K followers, 52K engagements


"@_RastaMouse Interesting. Our Twitch channel also recommends this person - despite the account primarily watching Rocket League Call of Duty and Valorant"  
[X Link](https://x.com/vxunderground/status/1694736621617271240)  2023-08-24T15:41Z 245.7K followers, [----] engagements


"We've updated the vx-underground malware paper collection - 2023-08-15 - Dll Notification Injection - 2023-08-10 - perljampl - A Perl x64 ELF virus - 2023-08-04 - Advanced persistence via Shell Extensions"  
[X Link](https://x.com/vxunderground/status/1694876648792096853)  2023-08-25T00:57Z 243.8K followers, [----] engagements


"Wow. Thank you so much to our friends at @TrustedSec for the ungodly amounts of free swag. They sent so much that the entirety of the stuff they sent couldn't even be photographed. Extra love to @HackingDave for the autograph Thank you 3"  
[X Link](https://x.com/vxunderground/status/1695118833009246686)  2023-08-25T16:59Z 265.5K followers, 28.4K engagements


"How to find love (a nerds guide 2023) [--]. Review Tinder API [--]. Write basic Tinder bot to programmatically swipe right nonstop [--]. Review each successful match (if any) in the evening [--]. [--]. Find love 💖"  
[X Link](https://x.com/vxunderground/status/1695154186474725764)  2023-08-25T19:20Z 265.3K followers, 52.6K engagements


"We've updated the vx-underground malware source code collection - Win32.TitanStealer - Win32.OfficeMacro.Melissa - Win32.RedPetya Image: Evil Red Team by @pancak3lullz Check it out here:"  
[X Link](https://x.com/vxunderground/status/1695275343437820218)  2023-08-26T03:21Z 265.3K followers, 25.1K engagements


"Today it was reported an unknown Threat Actor successfully compromised Poland's railway system. The Threat Actors triggered an emergency stop signal which brought [--] trains to a stop near the city of Szczecin More information:"  
[X Link](https://x.com/vxunderground/status/1695604752661295610)  2023-08-27T01:10Z 265.4K followers, 69.7K engagements


"Hello About [--] minutes ago we did a fundraiser trying to raise $375 for additional equipment for vx-underground. We achieved our goal (and went beyond it) in less than [---] seconds. We have deleted the tweet because you nerds kept trying to donate. Thank you. Ily♥"  
[X Link](https://x.com/vxunderground/status/1695622720954744865)  2023-08-27T02:22Z 265.4K followers, 69.8K engagements


"Russian law enforcement have begun arresting hackers in Russia. June [----] - Six individuals in Rostov arrested for identity theft August [----] - Malware developer from Krasnodar arrested sentenced to [--] years in prison All arrested committed crimes to NATO countries 🤔"  
[X Link](https://x.com/vxunderground/status/1696165354278461528)  2023-08-28T14:18Z 265.4K followers, 92.2K engagements


"We are receiving reports from people in the greater Los Angeles area that they are unable to retrieve content from vx-underground. They are informing us Spectrum (their ISP) has blackholed vx-underground's CDN which is samples.vx-underground. Using Google DNS resolves the issue"  
[X Link](https://x.com/vxunderground/status/1696213524324798680)  2023-08-28T17:29Z 243.6K followers, 32.4K engagements


"Hello A kind soul informed us that Spectrum has issued a company wide block on our CDN samples.vx-underground. Spectrum labeled us as such because Akamai ThreatAvert has labeled us as malicious. Akamai employees: please fix this 🥺"  
[X Link](https://x.com/vxunderground/status/1696342934872903758)  2023-08-29T02:04Z 244.8K followers, 42.5K engagements


"Hello Special thanks to the wonderful people at Akamai - they removed the block on our domain. Spectrum users should (eventually) be able to access our CDN soon once things are updated on their end. Thank you everyone who helped us. Love you 😘"  
[X Link](https://x.com/vxunderground/status/1696516336237601024)  2023-08-29T13:33Z 350.9K followers, 42.1K engagements


".@Arm has sent @Fox0x01 a cease-and-desist letter for 'copyright infringement'. Arm will own [--] of her domains related to Arm reverse engineering internals basics and exploitation. Her blog is also currently blocked. They may soon discontinue her book"  
[X Link](https://x.com/vxunderground/status/1696523530459062666)  2023-08-29T14:01Z 265.3K followers, 92.5K engagements


"@Arm @Fox0x01 Just purchased a copy of the one of the most dangerous books in history11 😎"  
[X Link](https://x.com/vxunderground/status/1696526620541227465)  2023-08-29T14:14Z 265.8K followers, 17.3K engagements


"Today the Federal Bureau of Investigation announced they have dismantled the Qakbot botnet. Qakbot has been one of the longest standing botnets in history dating back to [----]. FBI Director Christopher Wray made an announcement regarding the takedown:"  
[X Link](https://x.com/vxunderground/status/1696576028473205170)  2023-08-29T17:30Z 265.4K followers, 50K engagements


"@__execve It's 3:26am in the United States. Wait like [--] hours or something"  
[X Link](https://x.com/vxunderground/status/1696786650884448718)  2023-08-30T07:27Z 265.4K followers, [---] engagements


"We've updated the vx-underground malware sample collection. sort of We've added FBI Operation Duck Hunt 'Untether'. This is the payload the FBI deployed to untether infected machines from the QakBot botnet =D Check it out here:"  
[X Link](https://x.com/vxunderground/status/1696875937806135331)  2023-08-30T13:22Z 265.4K followers, [---] engagements


"POV you've walked into a book store and browse the computer science section"  
[X Link](https://x.com/vxunderground/status/1696880017752399981)  2023-08-30T13:38Z 265.5K followers, 65.9K engagements


"Lockbit ransomware group which has been relatively inactive for a few months just dropped 20+ victims in a single day. They've also reindexed their entire site over 100+ previous victims are now listed as being leaked today"  
[X Link](https://x.com/vxunderground/status/1697027546452259277)  2023-08-30T23:24Z 265.5K followers, 89.6K engagements


"Unpopular opinion: While the FBI has successfully 'dismantled' QakBot the reality of the situation is that the individuals behind this group have not been arrested and still maintain the source code. It has substantially damaged their operations but they will come back"  
[X Link](https://x.com/vxunderground/status/1697070835037622287)  2023-08-31T02:16Z 336K followers, 51.3K engagements


"Dear Microsoft Edge Please stop flagging our GitHub repo as malicious. Thanks"  
[X Link](https://x.com/vxunderground/status/1697674860082651258)  2023-09-01T18:16Z 265.5K followers, 155.9K engagements


"We have been closely monitoring individuals who have subscribed to Twitter (X) Blue and their reports on the payout program. We are seeing individuals with roughly the same follower count as us making approx. $4000 a month (or more depending on the content they discuss online). We are now experimenting with this as well. All money received will be given back to the community who has so graciously shown us love and support. Ideally we want to gift merchandise books reimburse for certificates give money to cyber-security related non-profits and (if payouts are indeed as good as they appear)"  
[X Link](https://x.com/vxunderground/status/1697766564014006600)  2023-09-02T00:21Z 265.4K followers, 151.7K engagements


"An internationally wanted cyber criminal and an individual on the FBIs Most Wanted List is running a poll on Twitter. He is asking if individuals are interested in purchasing ransomware swag"  
[X Link](https://x.com/vxunderground/status/1697933744261284303)  2023-09-02T11:25Z 256.1K followers, 85.9K engagements


"Mikhail Matveev an internationally wanted cyber criminal on the FBI's Most Wanted list - is seriously producing (and considering selling) swag with his poster on them. He does not respect the FBI or the United States government 😂😂 We have never seen someone do this ever"  
[X Link](https://x.com/vxunderground/status/1698008401031106748)  2023-09-02T16:22Z 265.4K followers, 301.1K engagements


"When we released our first book (Black Mass Volume I) some individuals received botched copies from our publisher. Some individuals received the book with comic book drawings others received the book alongside balls of yarn (). In the spirit of us celebrating our many typos failures and goofs Black Mass Volume II will include a coloring book segment. It will include illustrations of ransomware operators and vx-underground staff (and more). It is exciting times Black Mass Volume I was free in digital format. Getting a physical copy was $8.00 (available on Amazon by the book if you want to"  
[X Link](https://x.com/vxunderground/status/1698212164660588924)  2023-09-03T05:51Z 265.4K followers, 41.8K engagements


"No we do not accept NFTs as donations. How the hell are we gonna pay server bills with a .png file"  
[X Link](https://x.com/vxunderground/status/1698361962009149918)  2023-09-03T15:47Z 265.5K followers, 73.2K engagements


"Today at 9:31AM EST Stake an Australian based crypto gambling site was compromised. The currently unidentified threat actor(s) steal over $41000000 in cryptocurrency. - First transaction $16000000 stolen - Second series of transactions $25000000 stolen"  
[X Link](https://x.com/vxunderground/status/1698783729861149058)  2023-09-04T19:42Z 265.4K followers, 130.6K engagements


"Absolutely tragic news. Geoff Chappell the reverse engineer and author has passed away today. His work was incredible. Our deepest condolences to Geoff's family friends and colleagues. Check out Mr. Chappell's work. It's amazing:"  
[X Link](https://x.com/vxunderground/status/1698811926959018075)  2023-09-04T21:35Z 265.4K followers, 51.7K engagements


"New achievement unlocked for perpetual vx-underground goofs: - "What's the password" - Typos (everywhere) - Receiving messages from compromised government e-mails. We receive messages from compromised government e-mails every week now P.S. Yes smelly needs Grammarly"  
[X Link](https://x.com/vxunderground/status/1698869588874682371)  2023-09-05T01:24Z 335.9K followers, 39.1K engagements


"Due to the increasing number of sponsors and monthly donors we have some money for a giveaway. - The Art of Mac Malware - Rootkits and Bootkits - The Giant Black Book of Computer Viruses Comment which book you'd like to receive * Winners will be DM'd. If you do not reply in [--] hours you will forfeit your win and a new winner will be selected. * A physical address must be supplied failure to provide a valid shipping address will result in a forfeiture of your prize. * We will send the book anywhere in the world as long as the destination country is not sanctioned (sorry North Korea). * Prize"  
[X Link](https://x.com/vxunderground/status/1698911064539206022)  2023-09-05T04:08Z 265.5K followers, 179K engagements


"Blue Teams please monitor the evolving threat of CVE-2023-4613. It effects COMPONENT in VENDOR PRODUCT VERSION on PLATFORMS. And it's only Tuesday:("  
[X Link](https://x.com/vxunderground/status/1698947342852829689)  2023-09-05T06:33Z 265.4K followers, 52.8K engagements


"Thank you for the love and support"  
[X Link](https://x.com/vxunderground/status/1698965654177460386)  2023-09-05T07:45Z 265.4K followers, 190.6K engagements


"Some dork on Telegram is selling vx-underground samples for $300. He even takes a screenshot of our website proclaiming it to be his () and says he got the malware from a seizure () 👏DON'T 👏PAY 👏FOR 👏 MALWARE 👏"  
[X Link](https://x.com/vxunderground/status/1699066776880054282)  2023-09-05T14:27Z 265.4K followers, 62.6K engagements


"Threat Actors when they trip the EDR"  
[X Link](https://x.com/anyuser/status/1699122267140022565)  2023-09-05T18:08Z [--] followers, 127.9K engagements


"vx-underground was never sold. - The malware database is free - Intel feed is free - We do giveaways (often) - All papers and samples are free - All source code is free - Nothing COSTS MONEY FROM YOU EVERYTHING IS FREE WHAT ELSE DO YOU WANT"  
[X Link](https://x.com/vxunderground/status/1699421175317700903)  2023-09-06T13:55Z 265.9K followers, [---] engagements


"United States Presidential Candidate Vivek Ramaswamy has proposed abolishing the United States Federal Bureau of Investigation. His proposed solution does not account for Cyber Crime (although maybe the financial aspects of it)"  
[X Link](https://x.com/vxunderground/status/1699546390127419513)  2023-09-06T22:13Z 265.4K followers, 35.6K engagements


"Today the United States and United Kingdom sanctioned [--] individuals believed to be responsible for the Trickbot botnet. They sanctioned Trickbot managers HR representatives developers QA engineers network administrators and more. More information:"  
[X Link](https://x.com/vxunderground/status/1699798654490685615)  2023-09-07T14:55Z 265.4K followers, 29.1K engagements


"Today Google TAG (Threat Analysis Group) reported they have identified North Korean State-Sponsored Threat Actors targeting security researchers (again). They identified accounts on both Twitter and Mastodon. 😋"  
[X Link](https://x.com/vxunderground/status/1699835778896130217)  2023-09-07T17:23Z 265.3K followers, 33.9K engagements


"August [----] (version 1.82) of Visual Studio Code now supports Port Forwarding to allow easier access from Threat Actors. inb4 Visual Studio Code as a C2 Very cool 👍 More information:"  
[X Link](https://x.com/vxunderground/status/1700182572985155619)  2023-09-08T16:21Z 265.3K followers, 72.9K engagements


"Let's talk about ransomware for a second. Ransomware Threat Actors are opportunity driven. They do not have specific targets in mind. If you've got a dollar they want it. The reality of the matter in the ransomware ecosystem is initial access brokering is cheap and affordable it is a worthwhile investment for ransomware affiliates to establish a good relationship with an initial access broker. There is an initial access broker who will sell you roughly [-------] misconfigured VPN's for $1500. These 'misconfigured' VPNs typically will be companies which have accidentally set a VPN user login to"  
[X Link](https://x.com/vxunderground/status/1700335482440204521)  2023-09-09T02:29Z 265.4K followers, 190.9K engagements


"@JBizzle703 hacking is illegal and for nerds"  
[X Link](https://x.com/vxunderground/status/1700436126916280599)  2023-09-09T09:08Z 265.3K followers, 24K engagements


"Roblox is a popular game for children. Roblox has also been a hunting ground for child predators for years now. Instead of improving the safety of the young userbase that plays the game CEO David Baszucki announced Roblox will be launching an official Roblox dating app"  
[X Link](https://x.com/vxunderground/status/1700448105655566638)  2023-09-09T09:56Z 265.5K followers, 102.4K engagements


"Although this says "17+ verified people" we have little faith in Roblox. Especially when Roblox sued YouTuber Ruben Sim (in an attempt to silence him) for becoming a whistleblower and exposing Roblox developer Arnold Castillo for his pedophilia"  
[X Link](https://x.com/vxunderground/status/1700451682528760267)  2023-09-09T10:10Z 265.5K followers, 22.3K engagements


"@duanegran Yes a lot of companies provide this service but they can't cover everything"  
[X Link](https://x.com/vxunderground/status/1700532586173415755)  2023-09-09T15:32Z 265.5K followers, [----] engagements


"Updates to vx-underground are going to be suspended for a good duration of time. The attached image below describes our current situation"  
[X Link](https://x.com/vxunderground/status/1701004892683534832)  2023-09-10T22:49Z 335.9K followers, 29K engagements


"We will gift free vx-underground swag to the first person to write malware in MATLAB. MATLAB supports invocation of WINAPI functions by invoking loadlibrary. - Must be open source - Windows ONLY - Code must work (compiled as .exe) - Basic malware nothing fancy no ransomware"  
[X Link](https://x.com/vxunderground/status/1701079235408855348)  2023-09-11T03:44Z 334.5K followers, 99.3K engagements


"November 11th [----] officer Rafael Aguilera of the Little Rock Arkansas Police Department logs into his patrol units computer system. The body cam footage shows him typing "Sierra123$". Hopefully they've changed their passwords since 2019"  
[X Link](https://x.com/vxunderground/status/1701303468068135149)  2023-09-11T18:35Z 265.4K followers, 78.4K engagements


"MGM Resorts is reporting a cyber security incident. Although they haven't specified it looks and smells like ransomware. - Slot machines offline - Reward system offline - Website offline - Only accepting cash at the moment"  
[X Link](https://x.com/vxunderground/status/1701306723514843358)  2023-09-11T18:48Z 320K followers, 169.3K engagements


"BianLian ransomware group needs to be punched in the face. They appear to have ransomed Save The Children - a [---] year old non-profit. Most notably they were the first to liberate children from WW2 Nazi Concentration Camps"  
[X Link](https://x.com/vxunderground/status/1701309441272926369)  2023-09-11T18:59Z 255.3K followers, 353.9K engagements


"Our malware database is now live - 18000000+ samples - 16000000+ samples in queue for upload - It's free forever. Special thanks to @Malcoreio for assisting us in the development process (and additional funding). Check it out here:"  
[X Link](https://x.com/vxunderground/status/1701429843915669515)  2023-09-12T02:57Z 243.8K followers, 26.3K engagements


"@smashjarchive @Malcoreio No accidentally whoopsied the doopsies:)"  
[X Link](https://x.com/vxunderground/status/1701433798653517868)  2023-09-12T03:13Z 265.3K followers, [----] engagements


"All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn find an employee then call the Help Desk. A company valued at $33900000000 was defeated by a 10-minute conversation"  
[X Link](https://x.com/vxunderground/status/1701758864390050145)  2023-09-13T00:45Z 335.9K followers, 1.6M engagements


"@let_svn No this isn't an attempt to screw anyone over. This particular subgroup of ALPHV ransomware has established a reputation of being remarkably gifted at social engineering for initial access. It isn't really a surprise ALPHV (or the subgroup) is behind this attack"  
[X Link](https://x.com/vxunderground/status/1701766186067755056)  2023-09-13T01:14Z 335.9K followers, 62.2K engagements


"@kevincollier @arborbytes Yes this particular subgroup has a nasty reputation and is well known for their social engineering:)"  
[X Link](https://x.com/vxunderground/status/1701795736126468104)  2023-09-13T03:11Z 243.2K followers, 27.9K engagements


"Another day another series of e-mails from compromised government e-mail addresses. Thank you for the messages Will and USDoD. They have been received"  
[X Link](https://x.com/vxunderground/status/1701834762833297650)  2023-09-13T05:46Z 265.4K followers, 35.3K engagements


"Very cool. Thank you @Bitdefender and @TrustedSec for the kind words when speaking with @Forbes. However we would like to note vx-underground is a collective of several people - it is not a single person. (TrustedSec knows this maybe Mr. Hammerstone made an oopsie doopsie)"  
[X Link](https://x.com/vxunderground/status/1702011670590087659)  2023-09-13T17:29Z 265.4K followers, 47.9K engagements


"We have pioneered a new method for extending WiFi technologies (we stole it actually). Our methodology uses aerodynamic engineering or whatever fancy word works here. Please see the attached image which demonstrates our technology. We believe this was revolutionize WiFi"  
[X Link](https://x.com/vxunderground/status/1702210840257007661)  2023-09-14T06:41Z 265.4K followers, 45.7K engagements


"The past [--] hours we have added [------] new malware samples to the VXDB. We only have [--------] samples remaining. 🫡 Reminder that the VXDB is free for anyone to use. Oh and it's open source. Have a nice day"  
[X Link](https://x.com/vxunderground/status/1702358621126824193)  2023-09-14T16:28Z 265.5K followers, 32.2K engagements


"When Scattered Spider compromised MGM they tried to modify code for the slot machines to make them spit out money 😂😂 These nerds are going full Ocean's Eleven"  
[X Link](https://x.com/vxunderground/status/1702360287213392369)  2023-09-14T16:34Z 258.5K followers, 98.2K engagements


"Do wE kNoW iF CaEsArS wAs HaCkeD Yes they were compromised around the exact same time as MGM and access to Caesar's was compromised using the exact same technique that was used against MGM. Read the U.S. Securities and Exchange Commission report nerds"  
[X Link](https://x.com/vxunderground/status/1702362027581231536)  2023-09-14T16:41Z 265.4K followers, 95.9K engagements


"While we're busy uploading data to the VXDB and migrating data to our new host feel free to add one of our members on Rocket League. In homage to Wazawaka's wild antics the Rocket League account is: "MIKHAIL MATVEEV""  
[X Link](https://x.com/vxunderground/status/1702401539552276696)  2023-09-14T19:18Z 265.4K followers, [----] engagements


"NOTE: ALPHV criticized us for this tweet. We were not the origin of this information. This information derived from the Financial Times"  
[X Link](https://x.com/vxunderground/status/1702433090986226044)  2023-09-14T21:24Z 265.4K followers, 12.3K engagements


"Hello We are aware ALPHV ransomware group criticized us for spreading misinformation. They incorrectly attributed us to the Financial Times article about ALPHV affiliates attempting to tamper with slot machines We will speak with ALPHV and resolve the issue. Thanks"  
[X Link](https://x.com/vxunderground/status/1702522386308800876)  2023-09-15T03:19Z 265.5K followers, 86.3K engagements


"Thank you to the ALPHV ransomware group administrative staff for correcting their blog post and correcting the misattribution to us. We wholeheartedly appreciate"  
[X Link](https://x.com/vxunderground/status/1702528805460468211)  2023-09-15T03:44Z 265.5K followers, 71.8K engagements


"While everyone is focusing on the catastrophe of the MGM breach it should be noted that it is business as usual for other ransomware groups. Note: Publicly listed victims on ransomware websites indicate the victim did not pay and/or negotiations are still on-going. - Cactus"  
[X Link](https://x.com/vxunderground/status/1702807355547701561)  2023-09-15T22:11Z 265.5K followers, [---] engagements


"For Black Mass Volume II we spent an extra shiny penny from our own pockets to hire an artist who is an illustrator for Magic: The Gathering Mythgard Tcg Hit PointPress Adi Shankar/Netflix Legendary Games and more. Thanks to @werupz for the amazing work"  
[X Link](https://x.com/vxunderground/status/1702870077408776551)  2023-09-16T02:20Z 265.4K followers, [---] engagements


"Today it was reported an unidentified Threat Actor(s) compromised Mark Cuban - an American Billionaire Investor and owner of the Dallas Mavericks. The Threat Actors stole approx. $870000 worth of cryptocurrency. More information here:"  
[X Link](https://x.com/vxunderground/status/1702936411144372313)  2023-09-16T06:44Z 243.8K followers, 56.8K engagements


"How to make nerds rage"  
[X Link](https://x.com/anyuser/status/1703079679790379401)  2023-09-16T16:13Z [--] followers, [---] engagements


"Hackers don't wear hoodies. You may not like it but this is what hackers actually look like"  
[X Link](https://x.com/vxunderground/status/1703157115152437357)  2023-09-16T21:21Z 265.5K followers, 28.3K engagements


"ChatGPT is becoming so advanced it can now emulate being a jackass"  
[X Link](https://x.com/vxunderground/status/1703159378788966718)  2023-09-16T21:30Z 265.5K followers, 35.7K engagements


"After we complete our data migration vx-underground will have a new look again. Sponsors will be listed on top as soon as you view the website. If any of you nerds complain we will send you the monthly bills and ask you to pay staff member salaries. So shut up it's all free"  
[X Link](https://x.com/vxunderground/status/1703210037118640278)  2023-09-17T00:51Z 265.4K followers, 18.6K engagements


"We have received our first Twitter payout. We received $285.63. We donated the full amount to WiCyS (Women in CyberSecurity). We will continue to donate our monthly Twitter revenue to non-profits. Have a nice day"  
[X Link](https://x.com/anyuser/status/1703266086236377235)  2023-09-17T04:34Z [--] followers, 125.1K engagements


"Today a Threat Actor named "USDoD" leaked sensitive data from TransUnion. This won't be the last of "USDoD" today though. He also compromised NATO. We'll discuss that later. But first TransUnion. The leaked database over 3GB in size contains highly sensitive PII on [-----] people. The database appears to be compromised March 2nd [----]. This leaked database has information on individuals all across the globe including the Americas (North and South) as well as Europe. Leaked data includes: - First name - Last name - Internal TransUnion identifiers - Sex - Passport information - Place of Birth -"  
[X Link](https://x.com/vxunderground/status/1703456058776158436)  2023-09-17T17:09Z 265.3K followers, 429.5K engagements


"Today our friend DissentDoe did an interview with the Threat Actor "USDoD". In the interview he discusses his childhood his personal beliefs and how he got access to NATO using a compromised Greece military e-mail address . (the same email we got an email from) . . and how after gaining access it appears it triggered a NATO incident response and he lost access. It is a fascinating interview. It is also remarkably impressive how fast NATO potentially identified a compromise. It appears NATO takes it cyber security seriously. Read the full interview here:"  
[X Link](https://x.com/vxunderground/status/1703460480352702480)  2023-09-17T17:26Z 265.5K followers, 87.9K engagements


"vx-underground is temporarily offline again. Lockbit ransomware group is hitting us with a colossal DDoS attack"  
[X Link](https://x.com/vxunderground/status/1703668957436088454)  2023-09-18T07:15Z 265.4K followers, 179.9K engagements


"Thank you for the lovely image Lockbit ransomware group"  
[X Link](https://x.com/vxunderground/status/1703676301834383509)  2023-09-18T07:44Z 265.4K followers, 135.5K engagements


"Per the request of Mikhail Matveev - we will sell his FBI Most Wanted poster on vx-underground. This will be on t-shirts and posters. Due to sanctions placed on him by the United States government he will not be paid for any purchase on merchandise. He is crazy 😂😂😂"  
[X Link](https://x.com/vxunderground/status/1703960207116685802)  2023-09-19T02:32Z 265.4K followers, 132.1K engagements


"@matthew_d_green Hello not to be antagonistic but this is not new. It states in the article that this thesis from Jacob R. Appelbaum was released March [--] [----]. The only thing that makes these 'new' () is that electrospaces discussed September 14th https://www.electrospaces.net/2023/09/some-new-snippets-from-snowden-documents.html https://www.electrospaces.net/2023/09/some-new-snippets-from-snowden-documents.html"  
[X Link](https://x.com/vxunderground/status/1703995620250325405)  2023-09-19T04:53Z 361.8K followers, 24.1K engagements


"We're not really a religious bunch of nerds but we'd like to take a moment and pray for Microsoft. - July 2023: Microsoft is compromised by Threat Group "Storm-0324" also sometimes referred to as "TA543". The Threat Group stole signing keys which they abused to forge authentication tokens - granting them access to inboxes of individuals working for the United States government. Microsoft believes this threat group to be of Chinese origin. - September 2023: Nicknamed "Bloody Tokens" Microsoft misconfigured an azure storage bucket exposing over [-----] internal Microsoft Teams messages and 38TB"  
[X Link](https://x.com/vxunderground/status/1704067137239720277)  2023-09-19T09:37Z 245.6K followers, 599.3K engagements


"Black Mass Volume II is now available for purchase on Amazon for $13.37. It is available for purchase worldwide. We will be giving away [--] physical copies for free later this week =D"  
[X Link](https://x.com/vxunderground/status/1704516390030295310)  2023-09-20T15:22Z 265.4K followers, [----] engagements


"VX-UNDERGROUND JUST SCORED PERFECT ON OUR MITRE Engenuity ATT&CK EVALUATIONS. WE ARE THE BEST IN THE WORLD - 420% PROTECTION - 1337% DETECTION - 9001% VISIBILITY - 6969% TECHNIQUE COVERAGE - % REAL TIME DETECTION - 8446744073709551615% OUT OF THE BOX"  
[X Link](https://x.com/vxunderground/status/1704590545543135614)  2023-09-20T20:17Z 265.8K followers, 157.8K engagements


"Sometimes you nerds make it extremely difficult to do even basic things. Per the request of Mikhail Matveev an individual on the FBI's Most Wanted we have begun working on merchandise titled "Arrest Wazawaka". The clothing will feature his FBI Most Wanted poster as well as some of the ransomware groups he was associated with. Free money for us Free advertising for the FBI _()_/ Earlier today we pushed a test version of the store and people bought it. It wasn't live very long. So some nerds out there possess clothing never intended to be released the public. Also here is our version in"  
[X Link](https://x.com/vxunderground/status/1704719297455575492)  2023-09-21T04:48Z 265.4K followers, 100.7K engagements


"@1zun4G We can't guarantee how it'll look or if any of the text is readable"  
[X Link](https://x.com/vxunderground/status/1704720346279014712)  2023-09-21T04:52Z 265.4K followers, [----] engagements


"The Mullvad VPNs for the giveaway have arrived =D We will be sending them to the winners shortly. Thank you everything for the love and support"  
[X Link](https://x.com/vxunderground/status/1704871648355078221)  2023-09-21T14:54Z 265.4K followers, 15.4K engagements


"T-Mobile has been breached (again). Data has been exfiltrated and it is being shared online (again). This is T-Mobile's 8th breach since [----]. This is the 3rd breach this year. This breach is 90GB of exfiltrated customer PII"  
[X Link](https://x.com/vxunderground/status/1704987197047177576)  2023-09-21T22:33Z 253.8K followers, 22.7K engagements


"This man did [--] pushup every time T-Mobile was breached. Look at him now"  
[X Link](https://x.com/vxunderground/status/1704992341289812396)  2023-09-21T22:53Z 265.4K followers, 207.4K engagements


"Hello prepare yourself for another long post about the new T-Mobile breach and a mistake that we made. Mistake: Employee PII was leaked NOT customer PII. This is the 2nd time a T-Mobile breach has exposed T-Mobile employees. We've had a large number of people asking how we knew about the T-Mobile breach and is is tradition we knew because the people responsible for it (leaking) notified us. However it is already being discussed on forums.Unlike previous times we're given information prior to it's "official" media announcement we can do more than "trust me bro". The breach was performed by an"  
[X Link](https://x.com/vxunderground/status/1705042920137425171)  2023-09-22T02:14Z 322.5K followers, 209.6K engagements


"@BenMalisow @notshenetworks @attrc Ben you goofy goober MGM is worth billions stop letting companies overwork and underpay people"  
[X Link](https://x.com/vxunderground/status/1705085017066770796)  2023-09-22T05:02Z 265.4K followers, [---] engagements


"Today @BleepinComputer reached out to T-Mobile regarding the allegations of them being compromised. T-Mobile informed them that it was NOT T-Mobile corporate that was compromised rather it was a T-Mobile franchise. This breach was disclosed in court May 10th [----]. The data was not leaked until yesterday. Luckily this only impacted [-----] past and current employees"  
[X Link](https://x.com/vxunderground/status/1705267068268913019)  2023-09-22T17:05Z 265.4K followers, 63.3K engagements


"When the security analysts and network administrators detect unusual activity on the network"  
[X Link](https://x.com/vxunderground/status/1705354255211565295)  2023-09-22T22:51Z 258.3K followers, 68.6K engagements


"Hello We've had a few people reach out to us regarding to Black Mass Volume I & II. Yes the PDFs are intentionally left publicly available on the website. The e-book is free the physical copies are available on Amazon. Nobody leaked them on Discord. Have a nice weekend:)"  
[X Link](https://x.com/vxunderground/status/1705927509202579874)  2023-09-24T12:49Z 265.4K followers, 50.9K engagements


"We are aware our @RansomwareNews bot is down. It has been a series of unfortunate events. - Developer is traveling for work - Developer forgot his personal laptop in different country - Developer doesn't have access to code base It'll be fixed when it's fixed _()_/"  
[X Link](https://x.com/vxunderground/status/1705934861112939003)  2023-09-24T13:19Z 265.4K followers, 37.8K engagements


"Today Basssterlord a member of National Hazard Agency (a subgroup of Lockbit ransomware group) deleted his Twitter profile. He requested that we note that it was not due to harassment or law enforcement. He said they're very busy and now is not a good time to meme online😂😂"  
[X Link](https://x.com/vxunderground/status/1706102696766210260)  2023-09-25T00:25Z 265.4K followers, [---] engagements


"It's always important to practice computer hygiene. We recommend washing your computer daily with soap and warm water. This can help prevent viruses and bacterial infections"  
[X Link](https://x.com/vxunderground/status/1706130913858335195)  2023-09-25T02:18Z 265.4K followers, 129.8K engagements


"Yet another university hit by ransomware"  
[X Link](https://x.com/vxunderground/status/1706368450392670591)  2023-09-25T18:01Z 265.5K followers, 38.8K engagements


"Because nerds keep asking us about alleged Sony ransomware incident tl;dr Threat Actors did not deploy ransomware no corporate data was stolen services not impacted. Data was exfiltrated from Jenkins SVN SonarQube and Creator Cloud Development. They're extorting Sony"  
[X Link](https://x.com/vxunderground/status/1706370289716646019)  2023-09-25T18:09Z 265.4K followers, 153.3K engagements


"cl0p ransomware group has ransomed SickKids one of the largest pediatric healthcare facilities in the world. They've exfiltrated [--] years of data related to fertility pregnancy and healthcare information on children (including newborns)"  
[X Link](https://x.com/vxunderground/status/1706434760749220192)  2023-09-25T22:25Z 265.4K followers, 90K engagements


"Today McDonalds Point-of-Sale system setup and executables were leaked online. An unidentified Threat Actor claims to have stolen the executables installation scripts etc. by pivoting off of McDonalds Free Wifi"  
[X Link](https://x.com/vxunderground/status/1706508703745151211)  2023-09-26T03:19Z 265.5K followers, 428.6K engagements


"Today someone operating under the name "MajorNelson" a nod to the former Director of Programming for the Microsoft gaming network Xbox Live asserts RansomVC is lying. He then released all the content RansomVC claimed to have into the general public. tl;dr another Sony leak"  
[X Link](https://x.com/vxunderground/status/1706523877478670542)  2023-09-26T04:19Z 265.4K followers, 74.8K engagements

Limited data mode. Full metrics available with subscription: lunarcrush.com/pricing