Ukraine Detains Alleged Russian Hacking Forum Admin
▼ Summary
– The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by Ukrainian authorities at the request of French prosecutors.
– XSS.is, active since 2013, is a major cybercrime hub with 50,000+ users, facilitating malware sales, ransomware services, and illegal discussions.
– French authorities uncovered multi-million-dollar ransomware activities through a four-year investigation, despite the forum banning ransomware topics in 2021.
– Law enforcement intercepted encrypted Jabber communications on ‘thesecure.biz,’ leading to the identification and arrest of the forum’s alleged administrator.
– The XSS forum was seized by authorities, raising concerns among users and potentially exposing incriminating evidence against other members.
Ukrainian authorities have apprehended the alleged administrator of a prominent Russian-speaking cybercrime forum following an extensive international investigation. The arrest, carried out with support from French law enforcement and Europol, marks a significant blow to one of the most active underground hacking communities.
The suspect reportedly managed XSS.is, a notorious platform operating since 2013 with more than 50,000 registered users. The forum served as a marketplace for malware, stolen credentials, and ransomware services before publicly disavowing ransomware discussions in 2021. Despite this ban, investigators uncovered ongoing illegal activities generating millions in profits.
French cybercrime units initiated surveillance in 2021 after gaining access to thesecure.biz, a Jabber-based encrypted messaging server frequented by forum members. Intercepted communications revealed extensive criminal operations, including ransomware attacks and data breaches, prompting a formal investigation. Authorities estimate these activities yielded at least $7 million in illicit revenue.
Further monitoring led investigators to the forum’s alleged administrator, culminating in a coordinated operation with Ukrainian police. The arrest occurred with French officers present, signaling strong international collaboration. Shortly afterward, law enforcement seized the XSS.is domain, replacing it with a seizure notice from French and Ukrainian cybercrime units.
Forum users expressed alarm as the site went offline, unable to access discussions or confirm the administrator’s arrest. The takedown follows recent arrests tied to BreachForum, another major cybercrime hub, suggesting intensified efforts to dismantle such networks.
With control over the forum’s backend systems, authorities may now possess critical evidence implicating additional members. The operation is expected to disrupt cybercriminal activity significantly, though experts anticipate migration to alternative platforms.
Image: Law enforcement examining seized equipment during the arrest.
Update: The XSS.is domain has been officially seized, displaying a law enforcement notice.
(Source: NewsAPI Cybersecurity & Enterprise)
