{"id":60433,"date":"2026-04-05T13:00:13","date_gmt":"2026-04-05T13:00:13","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/"},"modified":"2026-04-05T13:00:13","modified_gmt":"2026-04-05T13:00:13","slug":"researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/","title":{"rendered":"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them"},"content":{"rendered":"<p><span class=\"label\">interview<\/span> Cybercrime crews have become almost mystical entities, with security vendors assigning them names like Wizard Spider and Velvet Tempest.<\/p>\n<p>They hide out in hidden corners of the dark web (often accompanied by a clearnet leak site), leading some infosec folks to talk about these miscreants as if they are invincible. But not everyone is on board with this trend.<\/p>\n<p><a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2026\/03\/25\/jen_easterly_interview\/\">Former CISA boss Jen Easterly<\/a> and others have called on the industry to <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/09\/20\/cisa_software_cybercrime_villains\/\">stop glamorizing these groups<\/a>, and instead give them horrible names like &#8220;Scrawny Nuisance&#8221; or &#8220;Evil Ferret.&#8221;&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>During an interview with <em>The Register<\/em> at the RSA Conference, Trellix VP of threat intel John Fokker said he&#8217;s sick of it, too.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>&#8220;I&#8217;m trying to spark a debate, or a healthy conversation, about what we can do as an industry,&#8221; he said. &#8220;Everybody&#8217;s glorifying threat actors, and that&#8217;s not helping our customers or organizations. These are just individuals, they just use computers, and they just want to steal your data and make money. They&#8217;re not mythical. They don&#8217;t have superpowers.&#8221;<\/p>\n<blockquote class=\"pullquote\" readability=\"8\">\n<p>These are just individuals, they just use computers, and they just want to steal your data and make money. They&#8217;re not mythical. They don&#8217;t have superpowers<\/p>\n<\/blockquote>\n<p>So his team at threat detection and response firm Trellix decided to take an &#8220;almost psyops&#8221; approach to covering the criminal underground. &#8220;We don&#8217;t want to glorify them, what&#8217;s the opposite we can do? We&#8217;re going to roast them.&#8221;<\/p>\n<p>And thus, the Dark Web Roast was born. It&#8217;s a regular blog complete with memes, mockery, and a Ricky Gervais&#8217; &#8220;they&#8217;re just jokes&#8221; inspired disclaimer: &#8220;While these incidents are genuinely amusing, they represent real criminal activities causing significant harm. This content is for threat intelligence and educational purposes only.&#8221;<\/p>\n<p>The <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.trellix.com\/blogs\/research\/dark-web-roast-february-2026-edition\/\">most recent edition<\/a> features a ransomware gang that bulk-drafted and scheduled their extortion attempts like a content calendar: &#8220;Considering the sheer, numbing volume of their posts, it&#8217;s a solid bet that their &#8216;victims&#8217; are probably just fake sites they spun up themselves for content, because nothing screams legitimacy like inflating your stats with phantom compromises,&#8221; the researchers wrote.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>There&#8217;s also an exploit developer named cortana9000 who found a Cisco remote code execution bug (<a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2026\/01\/22\/another_week_another_emergency_patch\/\">CVE-2026-20045<\/a>) under active exploitation by government-backed goons and asked on a forum, &#8220;so how much is this worth&#8221; &#8230; then listed it on another forum for $70,000.&nbsp;<\/p>\n<p>&#8220;A fellow forum member, KlopInko, swooped in with the devastating one-liner: &#8216;since it&#8217;s known, it&#8217;s a 1day exploit&#8217; &#8211; essentially telling cortana9000 that his $70K payday had already started depreciating the moment he opened his mouth,&#8221; according to the roast.<\/p>\n<p>There&#8217;s also a crim, using the handle patagon on DarkForums, who tried to sell full domain admin access to Russia&#8217;s energy grid for less than a used car, undervaluing their apparent find by &#8220;many orders of magnitude.&#8221;<\/p>\n<h3 class=\"crosshead\">When cops go trolling<\/h3>\n<p>Fokker points to the LockBit infrastructure seizure and dismantling led by the UK&#8217;s National Crime Agency (NCA) as the beginning of a deliberate change in law enforcement&#8217;s response toward cybercriminals. In that case, the <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/02\/20\/nca_lockbit_takedown\/\">cops trolled the notorious ransomware gang<\/a> via its own website before ultimately <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/05\/07\/alleged_lockbit_kingpin_charged_sanctioned\/\">unveiling LockBitSupp&#8217;s true identity.<\/a><\/p>\n<p>Taking down groups&#8217; infrastructure isn&#8217;t enough, because they can simply spin up new servers and domains, which, we should point out, LockBit did. Then it becomes a game of whack-a-mole.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Criminals say, &#8216;OK, I can play this game all day long.&#8217; So that doesn&#8217;t really work,&#8221; Fokker said. But public mockery (as with LockBit), and infiltration like the <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/01\/26\/fbi_hive_ransomware\/\">FBI did with Hive&#8217;s ransomware network<\/a>, can fracture trust among cyberthieves. And this fragmentation can help defenders dismantle criminal operations and keep people and data safe.<\/p>\n<p>&#8220;In the criminal underground, it&#8217;s more network-based and individual-based,&#8221; Fokker said. Ransomware crews work with initial access brokers or exploit developers to break into victims&#8217; networks, and they have developers who are writing malware, and affiliates carrying out the attacks.&nbsp;<\/p>\n<h3 class=\"crosshead\">Fracturing trust among thieves<\/h3>\n<p>&#8220;This also creates dependencies,&#8221; Fokker said. &#8220;You have groups that were in the partnership with the ransomware group, and they were breaking into or they were stealing data, and then you have exit scams, or the decryptor didn&#8217;t work, and that causes cracks in the business model.&#8221;<\/p>\n<p>Trellix assisted international cops in the <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/05\/30\/euro_cops_disrupt_malware_droppers\/\">long-running Operation Endgame<\/a>, and during the November 2025 <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/11\/13\/rhadamanthys_takedown\/\">Rhadamanthys infostealer takedown<\/a>, officials released a <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/operation-endgame.com\/\">smug animated video<\/a> hinting at intelligence gathered during the operation and designed to undermine trust within criminal organizations.<\/p>\n<p>The video shows an administrator skimming the most valuable secrets and cryptocurrency keys for personal gain, while passing only less lucrative data to customers. Trellix learned about this incident during a briefing with Dutch police.<\/p>\n<p>&#8220;They said to us, &#8216;We found out that this admin is also stealing from his own customers,'&#8221; Fokker remembers. After the Europol press release came out, Trellix <a href=\"https:\/\/www.trellix.com\/blogs\/research\/dark-web-roast-november-2025-edition\/\" rel=\"nofollow\">unleashed the snark<\/a> in a Dark Web Roast.<\/p>\n<p>&#8220;We basically said you&#8217;re stupid if you work with him, because he&#8217;s just getting rich, and we just make fun of him,&#8221; Fokker said. &#8220;We don&#8217;t know if the impact was measurable, but still, we had an opportunity to run with that story and make a complete fool out of this admin. So that&#8217;s something.&#8221; \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2026\/04\/05\/trellix_john_fokker_roasting_crims\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>True-crime tales of criminals making fools of themselves interview\u00a0 Cybercrime crews have become almost mystical entities, with security vendors assigning them names like Wizard Spider and Velvet Tempest.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-60433","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Researchers didn\u2019t want to glamorize cybercrims. So they roasted them 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-05T13:00:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them\",\"datePublished\":\"2026-04-05T13:00:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/\"},\"wordCount\":901,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/\",\"name\":\"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2026-04-05T13:00:13+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage\",\"url\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/","og_locale":"en_US","og_type":"article","og_title":"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-04-05T13:00:13+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them","datePublished":"2026-04-05T13:00:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/"},"wordCount":901,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/","url":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/","name":"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2026-04-05T13:00:13+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2adJwSDZvYu0e1R5W7KeW5gAAAJU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Researchers didn\u2019t want to glamorize cybercrims. So they roasted them"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60433","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=60433"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60433\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=60433"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=60433"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=60433"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}