Russian law enforcement authorities have arrested the alleged administrator of LeakBase, a well-known international cybercrime forum that operated as a major marketplace for stolen data.
The operation was carried out by officers from the Ministry of Internal Affairs (MVD) in coordination with regional security services in Rostov.
The suspect, reportedly a resident of Taganrog, is believed to have created and managed the platform for nearly four years.
A Major Cybercrime Hub
LeakBase evolved into one of the largest underground forums dedicated to trading compromised information.
According to official statements from MVD spokesperson Irina Volk, the platform hosted hundreds of millions of stolen records.
These datasets included user credentials, banking information, and sensitive corporate documents obtained through data breaches and unauthorized network access.
The forum attracted more than 147,000 registered users, ranging from initial access brokers to experienced cybercriminal groups.
Members used the platform not only to sell stolen databases but also to coordinate follow-up attacks.
These included financial fraud campaigns, credential stuffing operations, and targeted intrusions against organizations worldwide.
LeakBase also provided features commonly seen in mature cybercrime ecosystems, such as reputation systems and escrow services.
These mechanisms helped build trust between anonymous users, making it easier to monetize stolen data at scale.
The arrest followed a targeted raid at the suspect’s residence in Taganrog. During the operation, authorities seized multiple electronic devices, servers, and digital storage media believed to be linked to the administration of the forum.
These assets are now undergoing detailed forensic examination.
Investigators aim to extract critical intelligence from the seized infrastructure. This includes identifying key moderators, frequent sellers, and buyers who actively participated in the platform.
Authorities are also working to trace the origins of major data leaks distributed through LeakBase, which could lead to additional arrests across the cybercrime ecosystem.
A criminal case has been formally opened by the Main Investigative Directorate of the MVD in Moscow.
The suspect faces charges under Article 272.1, Parts 3 and 6 of the Russian Criminal Code, which relate to illegal access to computer information and operating platforms that facilitate such activities.
The individual has been placed in custody pending further investigation.
The takedown of LeakBase represents a significant disruption to the global underground market for stolen data.
For years, the platform acted as a central hub where cybercriminals could efficiently trade and monetize compromised information.
Security experts note that dismantling such platforms weakens the operational efficiency of threat actors.
Without trusted marketplaces, attackers face greater difficulty in verifying data quality, completing transactions, and building reputations. This can slow down the cycle of cybercrime, at least temporarily.
However, analysts also caution that cybercriminal communities are highly resilient. Users displaced from LeakBase are likely to migrate to alternative forums or establish new platforms.
Despite this, rebuilding trust, reputation systems, and user networks takes time, which may create a short-term gap in large-scale data trading activities.
Threat intelligence teams are now closely monitoring underground channels to track where former LeakBase users relocate.
The data recovered from the seized infrastructure could provide valuable insights into broader cybercriminal networks and help prevent future attacks.
The arrest highlights ongoing efforts by law enforcement agencies to target not just individual attackers, but the infrastructure that enables large-scale cybercrime operations.
Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google
Click Here For The Original Source.
