Major Russian-language cybercrime forum XSS.is shut down, alleged admin arrested | brief | #cybercrime | #infosec


As detailed in Security Affairs, French and Ukrainian police have arrested a 38-year-old man in Kyiv and shut down XSS.is, a highly influential Russian-language cybercrime forum that operated for nearly two decades. The forum served as a critical hub for the underground economy, facilitating transactions between various cybercriminals.Europol coordinated the operation, dubbed Ratatouille, which dismantled XSS.is, a forum with over 50,000 members. The arrested suspect allegedly earned more than EUR 7 million by acting as a trusted escrow service, a function crucial to the forum’s operation. XSS.is facilitated trades for malware authors, exploit sellers, spammers, and ransomware affiliates, providing a secure platform for criminal dealings. Analysis of a leaked database revealed a strong concentration of Cyrillic text and registrations from CIS-region domains, confirming its Russian-speaking user base. The busiest trading sections focused on web-application vulnerabilities, malware, exploit kits, and network access. The forum’s activity pattern mirrored a typical workday, peaking between 09:00 and 13:00 UTC, aligning with Moscow working hours. The arrest and seizure of the associated “thesecure.biz” Jabber server represent a significant blow to cybercrime infrastructure, although the forum has since reappeared with diminished trust.The exposure of user data, including nicknames, emails, and IP addresses, poses a lasting threat, enabling the creation of detailed dossiers on forum members. While the takedown removes a central hub, the underlying economy of access brokering and exploit sales continues to migrate to other platforms.Source: Security Affairs



Click Here For The Original Source.

——————————————————–

..........

.

.

National Cyber Security

FREE
VIEW