The suspected administrator of the notorious Russian-language cybercriminal forum XSS.is has been arrested in Ukraine on July 22.
The arrest follows a years-long investigation led by the Paris Public Prosecutor’s Office and carried out in close coordination with Ukrainian law enforcement agencies and Europol.
The takedown is the result of a meticulously coordinated judicial operation that began in 2021 and has since exposed the dark web’s hidden economies, revealing a sprawling digital criminal ecosystem generating millions of dollars in illegal profits.
https://x.com/parquetdeParis/status/1947963032564334608
XSS.is: A Pillar of the Global Cybercrime Underworld
Launched in 2013, the XSS.is forum emerged as one of the world’s most active cybercrime marketplaces. It functioned as a key trading ground for hackers, ransomware operators, and cyber extortionists. The platform allowed users to sell malware, gain access to breached systems, peddle stolen data, and offer services like ransomware deployment and money laundering.
The forum was also paired with a secure Jabber server—thesecure.biz—providing end-to-end encrypted communications that shielded cybercriminals from law enforcement scrutiny and enabled anonymous dealings across international borders.
2021 Surveillance Uncovered $7 Million Ransomware Profits
The Paris Prosecutor’s Office launched its formal investigation on July 2, 2021, assigning the case to the Cybercrime Brigade of the Judicial Police within the Paris Police Prefecture. This unit deployed covert surveillance and wiretapping operations targeting the Jabber server.
Over time, intercepted communications unearthed a host of illicit cyber activities linked to ransomware campaigns and other digital crimes. The captured messages offered investigators a rare window into the forum’s criminal inner workings and revealed that its operations had collectively netted more than $7 million in illegal profits.
French Prosecutors Open Criminal Case Against Forum Administrator
Building on this evidence, French authorities formally opened a judicial investigation on November 9, 2021, charging the suspect with:
- Complicity in unauthorized access to automated data processing systems
- Extortion in an organized group
- Criminal conspiracy involving multiple actors
These charges reflect the increasing complexity and scale of organized cybercrime, which often involves cross-border coordination, advanced obfuscation techniques, and the use of anonymous digital infrastructures.
Arrest in Ukraine Marks Critical Turning Point
The breakthrough came after a second interception during a parallel investigation helped identify the suspected administrator’s precise location. Ukrainian authorities, including the Cyber Department, the Security Service of Ukraine (SBU), and the General Prosecutor’s Office, conducted the arrest in the presence of French investigators and with support from Europol.
The joint international operation underscores the growing importance of law enforcement collaboration in tackling cybercrime that transcends national boundaries.
Ongoing Investigation Signals Broader Crackdown on Cybercrime
The case continues under the supervision of examining magistrates in France, as authorities work to uncover the full extent of XSS.is’s operations, financial networks, and global partners. The takedown of this key figure could lead to further arrests and the dismantling of related syndicates.
French Public Prosecutor Laure Beccuau, who is overseeing the case, emphasized that the investigation remains active and that international cooperation has been pivotal in achieving this milestone in cybercrime enforcement.
The arrest of the XSS.is administrator sends a clear message: anonymity on the dark web is not absolute, and coordinated international law enforcement can pierce even the most sophisticated digital defenses.
As ransomware continues to wreak havoc globally—from hospitals and corporations to public infrastructure—this operation marks a rare but significant victory in an ongoing and complex battle against cybercriminal enterprises.
Click Here For The Original Source.
