vx-underground

24 мая 2025 21:25

The Italian dude being tortured:

vx-underground

24 мая 2025 21:18

tl;dr rich crypto guy kidnapped, tortured, almost murdered. kidnapped demands the password, italian guy says fuck you

May 23rd, 2025, the New York Police Department, in the United States, released details on a cryptocurrency holder who was tortured for almost 3 weeks.

The unidentified victim, a 28 year old man from Italy, was kidnapped by John Woeltz (37) and Beatrice Folchi (24). Mr. Woeltz is a self-described cryptocurrency investor who rents a $40,000/month apartment in Manhattan.

For nearly 3 weeks Mr. Woeltz demanded credentials to the unidentified victims crypto assets. The victim refused.

Mr. Woeltz tied the victim with electrical cords, repeatedly used a taser while the victims feet were submerged in water, beat him, pistol whipped him, forced the victim to ingest narcotics, and repeatedly wielded an electric chainsaw to the victim asserting he would dismember him if he did not give Mr. Woeltz the credentials to his crypto assets. The victim received a large wound on one of his arms where Mr. Woeltz used the chainsaw against the victim. Mr. Woeltz also tied an Apple AirTag around the victims neck if the victim tried to escape.

The victim is believed to possess millions in various cryptocurrencies.

During the kidnapping Mr. Woeltz took photos of the victims with a polaroid camera with the intent on sending the photos to the victims friends or family.

Thankfully, and although details are scarce, the victim managed to escape Friday, May 23rd, the day in which the victim reported to police he would have been murdered.

Police reported that, upon entry to Mr. Woetlz apartment, they discovered a "blood-shoaked makeshift torture chamber".

vx-underground

24 мая 2025 14:00

Thai police have apprehended a violent criminal operating under the moniker Nub Tang

vx-underground

23 мая 2025 19:28

Today law enforcement agencies across the globe decided to meme the Threat Actors behind DanaBot. The multi-agency operation decided to announce the takedown, and indictments, by releasing an anime trailer 😭

vx-underground

21 мая 2025 23:40

There is my detailed report on Operation Endgame. I couldn't have gotten more exact figures, attached some pictures, and made the post longer. But I've got a newborn baby heap spraying milk out his face and I'm just standing in the corner, on my phone, in terror as more mature people in my home deal with the situation

vx-underground

21 мая 2025 19:04

Chat, I'm going to be that guy for a second.

Maybe, and this is just speculation, but just maybe it was a poor decision by Coinbase to out source labor to 3rd world South Asian workers whom they exploit momentarily?

What if Coinbase hired people, treated them well, and didn't exploit them monetarily? Hmmmmm?

Maybe someone is more likely to accept a bribe when a multi million dollar company is only paying them $70/month - $160/month

vx-underground

21 мая 2025 18:48

Coinbase was compromised December 26th, 2024. Initially it was reported they were compromised in early to mid-May.

The (to the best of our knowledge) unidentified Threat Actors(s) maintained persistent access for nearly 6 months.

vx-underground

20 мая 2025 23:36

mfw I roll back a snapshot

vx-underground

19 мая 2025 17:15

"Leave our customers alone!!!1" — VMPSoft, probably

vx-underground

18 мая 2025 21:38

Hello,

For the past 6 years I've had people ask if I will be attending DEFCON. The answer is still: No. However, I may make an appearance at DEFCON 35 or DEFCON 36. It will also be the first cybersecurity conference I've ever attended. Cool beans

Thanks,
- smelly smellington

vx-underground

18 мая 2025 13:25

Ladies, what's preventing you from wearing these? Be honest

vx-underground

18 мая 2025 01:47

Dear person DdoSing us,

We're not around right now combat the DdoS and we're all super busy. If you'd like to get our attention, or send a message, or whatever you're doing, please DdoS us at later period in time.

I'm busy with my newborn son and Bradley is still taking care of his Dad. I think we'll have better capacity to deal with a DdoS in like... August or September? So if you want to actually get our attention do it then. Otherwise, unfortunately, you'll just keep DdoSing us forever and nothing will really happen.

Sorry!

vx-underground

16 мая 2025 23:01

this is a meme, my wife didnt cheat on me

vx-underground

16 мая 2025 22:24

May 11th, 2025, Coinbase was compromised. Coinbase confirmed the compromise on May 15th, 2025 with the United States Securities and Exchange Commission (U.S. SEC)

Coinbase states an unknown Threat Actor e-mailed them asserting they had obtained sensitive personal identifiable information (PII) on the Coinbase userbase, as well as internal documentation from Coinbase which derives from customer service and/or account management systems.

Coinbase has confirmed the compromise is the result of multiple contractors and/or employees outside of the United States receiving "payment" for access to their systems. Coinbase confirms the individuals who received payment for access have been terminated.

The unknown Threat Actor demanded $20,000,000. Coinbase asserts they will NOT pay the ransom demand and succumb to extortionists. They have placed a $20,000,000 bounty for the identification and apprehension of individual(s) responsible for the compromise.

Customer data stolen as a result of the compromise:
- First name
- Last name
- Address
- Phone number
- Email address
- Last 4 digits of social security number
- Masked bank-account numbers
- Government ID images (drivers license, passport)
- Account data (balance, transaction history)

No passwords or private keys were obtained.

Coinbase has stated they believe the estimated damage to their company (internal, or reputational) to be between $100,000,000 - $400,000,000.

vx-underground

16 мая 2025 01:07

More information:

https://www.justice.gov/usao-dc/pr/additional-12-defendants-charged-rico-conspiracy-over-263-million-cryptocurrency-thefts

vx-underground

24 мая 2025 21:19

Shoutout to this Italian dude. I don't know many people who could endure 3 weeks of torture 😂😂

vx-underground

24 мая 2025 14:01

In all seriousness, the cat was found on the street. The cat tried to scratch one the police officers. They decided to take a mug shot of the cat for "Assault" on a police officer, but the photo is designed to help finder the cats owner

vx-underground

24 мая 2025 02:08

Hello,

This is your semi-daily reminder that we are super-AFK. Despite our absenteeism we are still ingesting data. However, things are not being pushed to prod. Here is where we currently are:

1. Bradley and I are still AFK. He is acting as his Father's primary caretaker due to poor health. I am busy dealing with a newly deployed human being (baby was born).

2. We are still ingesting malware despite being gone thanks to petikvx. Our backlog is colossal, millions upon millions of malware samples in queue for prod.

3. We did an oopsie, we allocated 20TB of storage on our servers and we exceeded that. We have allocated an additional 20TB, but it isn't properly configured (yet). Hence, we have millions of malware samples floating in limbo waiting for their final resting place... but it doesn't exist yet (kind of). If I can get more time away from my newly created human being then I can finalize the configurations for new malware being pushed. I don't know when I can do that. My free time is random and is primarily used for screaming in the restroom or sleeping.

4. We have continued paper ingestion. As said in bulletin point three, we have the stuff but we don't have the science. When I have free time I will push tons of cool papers.

5. There is something else I intended to announce and share here during my spare time. I can't remember it right now, but I'm sure it was cool and interesting. If I can remember it I'll post about it.

I hope everyone had a good week and has a good weekend.

Thanks,
- smelly

vx-underground

22 мая 2025 21:10

> qakbot dude indicted
> lumma stealer memed by feds
> lumma stealer taken down
> coinbase hacked
> ransomware group releases edgy video
> cryptothieves got rico charges
> new cool malware research

yo CHILL OUT. just STOP. timeout. pause. WAIT a second

vx-underground

21 мая 2025 23:38

Some governments did a thing and fucked up Lumma stealer, they seized like, I don't know, a bunch of stuff and sent customers messages about something scary

vx-underground

21 мая 2025 18:49

smh took christmas off then went back to crime. some ppl got zero holiday spirit fr

vx-underground

21 мая 2025 15:07

Home remodeling project going pretty well

vx-underground

19 мая 2025 21:57

Politics aside — will this impact the cybercrime ecosystem? If the Russian Federation establishes a friendship with the United States, will we see an impact on ransomware groups?

vx-underground

19 мая 2025 17:14

VMPSoft has been DMCA-ing YouTube videos which show how to combat malware payloads abusing VMProtect

vx-underground

18 мая 2025 21:13

me when the feds show up asking why ive got 30tb of malware

vx-underground

18 мая 2025 01:51

Learned we were under DDoS by accident when I was messaging TorGuard about moving some data around. I forgot the directory layout, checked the site, and realized it was being DdoSd. I was like, "Gosh dang it, I guess we'll talk about it some other time".

Anyway, got to go, having baked potatoes for dinner.

Talk to you later. Love you
- smelly

vx-underground

17 мая 2025 12:04

We are now 6 years old.

In 6 years this account, and website, went from small and obscure to one of the largest information security related Twitter profiles. Twitter and Telegram combined, vx-underground has over 400,000 people who follow our content and discussions.

It is very surreal feeling seeing a small personal project, dedicated to saving stuff that I thought was cool, becoming so large and popular. Sometimes I find it hard to believe what I say matters to anyone, because at the end of the day I'm just some stinky nerd who likes spamming cat pictures.

As I've said for the past 6 years: nothing will change. We will continue to provide free malware source, samples, and papers.

That's all I've got to say right now. Thank you for all the love and support. I look forward to continually serving all of you.

- smelly smellington

vx-underground

16 мая 2025 22:26

tl;dr some dude making like, $4/hr was bribed

vx-underground

16 мая 2025 01:14

We do not follow cryptocurrency crime too closely, we primarily discuss malware, but it occasionally overlaps with our area of focus.

Prior to Mr. Malone Lam's arrest we encountered him online. He had his arm around the shoulders of a very pretty woman while on a boat. He had no shirt on, but he kept his very expensive watch on his wrist.

He stared into the camera and said, "Get yo money up, not yo funny up". The girl giggled. He had a smirk on his face.

vx-underground

16 мая 2025 01:04

Today the United States Department of Justice announced the indictment (and in some cases additional charges) for 12 individuals. The defendants are charged in RICO conspiracy for over $263,000,000 in cryptocurrency theft, money laundering, and home break-ins.

Each individual listed was (in some capacity) involved in the COM(munity) scene.

This is the first time, to the best of our knowledge, a group of primarily English speaking, loosely affiliated, cybercriminals are in a RICO case.

RICO, the United States "Racketeer Influenced and Corrupt Organizations Act", passed in 1970, is generally reserved for organized crime. It was designed to combat organized crime and allows prosecutors to charge individuals involved in an ongoing criminal enterprise.

RICO charges are not a joke. These are extremely serious charges.

RICO charges allow multiple people to be tied to a conspiracy and amplify any/all charges. A single RICO charge is worth 20 years in Federal Prison and can extend to life in prison.

The United States Department of Justice slapping COM-scene people with a RICO charge is a sign they're not playing around with cryptocurrency fraud.

The individual indicted are as follows:
- MALONE LAM a/k/a "King Greavys", "7", "$$$", "Kg", "Anne Hathaway"
- MARLON FERRO a/k/a "Marlo", "GothFerrari"
- HAMZA DOOST a/k/a "Scyllia", "¢"
- CONOR FLANSBURG a/k/a "OO", "Green Room", "d0uu0b"
- KUNAL MEHTA a/k/a "Papa", "The Accountant", "Shrek", "Neil"
- ETHAN YARALLY a/k/a "Rand", "15%"
- CODY DEMIRTAS a/k/a "K O", "Kody"
- AAKAASH ANAND a/k/a "Light", "Dark"
- EVAN TANGEMAN a/k/a "E", "Tate", "Evan | Exchanger"
- JOEL CORTES a/k/a "J"
- [Unidentified 1] a/k/a "~_~", "Squiggly", "CHEN"
- [Unidentified 2] a/k/a "Danny", "Meech"
- TUCKER DESMOND

The full article, released by the Department of Justice, defines the roles of each individual, the charge they carry, a total sum of money stolen and/or items illegally acquired using stolen money, and additional (unlisted) co-conspirators.

Note: per the RICO charge, if the Judge rules the individual was involved in widespread fraud or violent crime, individuals may face a punishment of life in prison. Hence, each person listed may eligible for life in prison

Time being faced:
- MALONE LAM: 60 years
- MARLON FERRO: 60 years
- HAMZA DOOST: 40 years
- CONOR FLANSBURG: 40 years
- KUNAL MEHTA: 40 years
- ETHAN YARALLY: 40 years
- CODY DEMIRTAS: 40 years
- AAKAASH ANAND: 60 years
- EVAN TANGEMAN: 40 years
- JOEL CORTES: 40 years
- [Unidentified 1] - 60 years
- [Unidentified 2] - 60 years
- TUCKER DESMOND - 20 years