"WE TEACH OFFENSIVE SECURITY: MASTER THE DARK ARTS AND BECOME 1337 HACKER (except malware, malware is pure evil, a dark art that should not be taught)" — hacker courses

We received this message on Telegram.

All of us are in our 30's, some are indeed closer to 40 years old. To put it into perspective, I've been coding for 19 years. Based on this message, there is a high probability I've been coding longer than they've been alive.

¯\_(ツ)_/¯

We've been told several times our jokes are not funny and we come across as "depressed ass millennials". You're not wrong in that assessment, our sense of humor is (probably) outdated.

tl;dr we're aging, it shows in our humor 😭

back in the day, when i was in my late-teens/early-20s, instead of taking trash to the dumpster, i would just throw it in my apartment fireplace. every night i burned my trash. i just didnt wanna go outside

Someone sent us this photo. Someone is impersonating us on Telegram (as is tradition).

We'd never call someone "patriot". We're not Facebook schizoboomers. Also, unironically, we initiate most our conversations with a photo of a kitty cat or say "ping".

No disrespect to the artistic nerds, but if you contact us via DM, or e-mail, or whatever — we're always down to potentially buy some artwork. But, we traditionally go with a 80's and/or 90's mall goth computer vibe.

Your gamer profile picture artwork doesn't fit with us.

We also aren't interested in furry artwork.

We appreciate the pitch and for you thinking of us. But uh, we're just not that group. Bring us some dark edgy retro stuff and we'll happily talk.

Help

GET THE FUCK AWAY FROM ME

Last week Qilin ransomware group hit a small time car dealership in the United States. They were like, "nah, that's not shitty and fucked up enough" and proceeded to ransom a cancer treatment center in Japan.

It's time we share some knowledge on the legality of malware in the United States.

We can't speak regarding other countries, but we've had a few recently (also, historically) who have questioned the legality of our website and what we do.

Note: we're not lawyers, but we've consulted with lawyers to make sure we don't do any oopsies

Possessing malware is not illegal. The United States CFAA (Computer Fraud and Abuse Act), which was codified to combat "hacking" or "illegal cyber activity", is vague and doesn't quantify modernized malware well.

1. Possessing, writing, researching, collecting, designing, discussing, archiving malware, etc is not a crime. It does not violate the CFAA. The actions described previously align with goals and ideologies of cyber security researchers, threat intelligence vendors, and students.

2. It IS ILLEGAL to intentionally design, develop, release, or "spread" malicious software with intent to harm others (financially, physically, etc). Additionally, it IS ILLEGAL to knowingly and (depending on context) unknowingly aid and/or abet a person or organization with the design, development, release, or "spread" of malicious software.

tl;dr it's an extremely grey area and you have to "walk the line" so you don't do a whoopsie and catch a felony.

Examples:
👍Tony thinks malware is cool. He collects it online. He password protects the malicious files. He encourages others to review them too.

👎Tony has friends who he suspects are committing cybercrime. They ask him to create infrastructure which can be used to house malware payloads. Tony isn't sure on their intent, but he does it anyway.

👍Tony likes malware research. He shares a cool proof-of-concept which he thinks may be challenging for security software to detect. He open sources it online and encourages collaboration from others.

👎Tony likes malware research. He develops a payload he thinks may be challenging for security software to detect. Tony goes online to shady forums and sells the code to people who may abuse it.

👍Tony receives tips and donations from people for his online malware stuff. People think he is doing cool stuff and want to support him.

👎Tony agrees to host potentially malicious software for others for a fee. He actively tries to hide the payment "paper trail" by accepting payments in Monero.

👍Tony goes onto social media to openly discuss on-going security threats. He discusses victims who may be impacted by a large and evolving security threat.

👎Tony is aware of a large and evolving security threat. Tony speaks privately with criminals and gives them hints and clues to help them hide their presence online.

Malware is illegal and for nerds

Calm down in infosec today.

Only 1500 places ransomed, 400 enterprise environments compromised, and 9000 new threat groups.

hot take: people with super fancy pc setups with super clean desks arent actually working

if your desk isnt covered in cigarette ash (or vape juice), deodorant sticks, broken electronics, old batteries, pill bottles, and energy drinks — wtf are you doing? browsing youtube?

current desk setup: old spice deodorant stick (gets hot af in office), broken smoke detector, broken xbox controller, a bunch of pill bottles, vitamin pills, vape coils, vape juice, wires (idk where they go), some lego parts, tape measure (idk why), lens cleaner, unopened mail

I don't wanna get too political, but honestly we should treat 32bit ASM as historical, like 16bit ASM.

"It's 2025, show the kids r8 and r9", — 2pac, All Eyez On Me

Chat, we've spread misinformation on the internet.

Yesterday we posted BianLian was sending extortion letters through the mail. That was incorrect. It is a BianLian impersonator trying to scam people.

Please accept our handwritten apology.

The visual demonstration illustrating cyber security defense against ransomware