Ukraine Arrests Admin for Suspected XSS Forum Hack
▼ Summary
– A suspect linked to the Russian-language cybercrime forum XSS was arrested in Ukraine on July 22, 2025.
– The arrest involved collaboration between Ukrainian authorities, French police, and Europol, as confirmed by French State Prosecutor Laure Beccuau.
– The investigation began in 2021 and uncovered the suspect’s alleged involvement in cybercrime and ransomware activities, generating at least $7m in profit.
– French police intercepted communications on the Jabber thesecure.biz server, revealing the suspect’s ties to illicit cybercrime operations.
– The case progressed to an operational phase in Ukraine in 2024, culminating in the suspect’s arrest in Kyiv after further actions in July 2025.
Ukrainian authorities have apprehended a key administrator allegedly behind the notorious Russian-language cybercrime platform XSS, marking a significant breakthrough in international law enforcement efforts. The arrest occurred on July 22 following coordinated action between Ukrainian officials, French police, and Europol.
According to French State Prosecutor Laure Beccuau, the operation culminated a four-year probe initiated by Paris’ Cybercrime Unit in July 2021. Investigators uncovered critical evidence by monitoring communications on the encrypted messaging platform Jabber, specifically targeting the thesecure.biz server tied to XSS. These intercepts reportedly exposed the suspect’s involvement in ransomware operations and other cybercriminal activities, with profits estimated at over $7 million.
Authorities launched a formal judicial inquiry in November 2021, citing charges including organized cyberattacks, extortion, and participation in a criminal network. By September 2024, the investigation shifted to Ukraine, where French officers collaborated with Europol via a virtual command post to track the suspect. The final phase began on July 21, 2025, leading to the arrest in Kyiv.
This case highlights the growing effectiveness of cross-border cooperation in dismantling cybercrime networks. The suspect’s alleged role in facilitating illicit exchanges among hackers underscores the persistent threat posed by underground forums. While details of ongoing legal proceedings remain confidential, the arrest signals a major step in disrupting lucrative cybercriminal ecosystems.
(Source: InfoSecurity Magazine)
