Greg Linares, principal threat intelligence analyst, Huntress

Growing up in Arizona with a knack for pulling apart broken computers, Greg Linares found early belonging in the underground virus-writing scene. This began long before cybersecurity became a lucrative profession — and led to an early brush with the law.

Now a principal threat intelligence analyst at Huntress, he helps young hackers find safer pathways while warning companies about the risks they can’t yet see.

Over a cup of his favorite low-acid Japanese pressurized coffee, he looks back at where it all began.

You’ve spoken before about being arrested as a teenager. What was the appeal of writing and distributing malware back then?

I grew up poor in Arizona, but my dad, an avionics technician, always had computers around because he used to dumpster-dive broken machines from companies and fix them with a bit of solder and a couple of cheap parts. So from an early age, computers were everywhere.

I was also an undiagnosed autistic kid who struggled socially, and computers became my world. The moment I heard about the Morris Worm at 11 years old, my brain lit up. Within a week, I was reading everything I could about viruses. By 13, I was writing them.

It felt like creating something magical — sending a piece of your code out into the world. And the community back then was different. Virus writing groups were, in many ways, the closest thing I had to a supportive family. People like Benny and Bumblebee from the old VX scene were like mentors. It wasn’t about money back then. It was an art form.

Do you think teenagers involved in cyberattacks today feel the same?

I think some do, but today’s culture is different. A lot of kids see ransomware gangs flaunting wealth — watches, cars, clubs — and they’re growing up poor, working terrible jobs, and thinking, I know computers; maybe I can do this too.

But these days the consequences are massive. People from groups like Scattered Spider are facing decades in prison. There aren’t enough good on-ramps for talented young people to get into security the right way.

You mentioned helping some of those young people find legitimate paths. How does that happen?

Mostly through Twitter. Over the years, plenty of teenagers have reached out. I’ve helped connect them to smaller pen-testing shops where they can shadow experienced testers. Some have built real careers.

And having the attacker mindset is valuable on the defensive side too.

Absolutely. I still do red teaming. My whole career began with pen testing a law firm, and I thought, Hold on, you can get paid to do this?

Understanding how attackers think is essential because you’re defending against their creativity. I also came from a programming background — I helped build Massage Envy’s back end in the early days — and that mix of development, curiosity and attacker mindset is really valuable.

Many security teams seemed worried about developers racing ahead with AI. Is that something you’re seeing?

Definitely. A lot of companies are adding AI features without understanding what their models are indexing. Secrets get learned. Internal data gets exposed.

On a recent pen test, after compromising a machine, I simply asked the company’s AI assistant where credentials were stored. It told me — instantly. None of their security tooling was watching for that kind of misuse. So blue teams really need to think about this.

What advice would you give young people trying to get into pen testing?

First, you need the mindset. If you’re looking at your new TV and thinking, I bet there’s a vulnerability in this, you’re probably meant for pen-testing.

It’s competitive, so persistence is key. Do CTFs — Huntress runs one every day in October. Try bug bounties. Write blogs or walkthroughs of vulnerabilities. And get involved in the community. Pen testers love seeing passionate newcomers.

You sound like someone who doesn’t switch off easily. But when you do, what do you enjoy?

I make a lot of music and art. I’ve even turned malware into art pieces — and into music. Some of my work has been displayed in malware art exhibitions in Finland.

Finally, how do you take your coffee?

I only really drink one type of coffee: Japanese-style pressurized coffee. It’s very low-acid, which is important for me because I had ulcers when I was younger and strong coffee still upsets my stomach. So normally I’m actually more of a tea person — I love Lapsang Souchong and other smoked teas — but that Japanese pressurized coffee is fantastic.