Suspected XSS Forum Admin Arrested in Ukraine

Posted on by Dissent

Kevin Poireault reports:

A man suspected of administering the Russian-language cybercrime forum XSS was arrested in Ukraine on July 22.

In an official statement on July 23, Laure Beccuau, a French State Prosecutor, said that the individual was taken into custody by the Ukrainian authorities, with the collaboration of the French police and Europol.

This arrest is the result of a four-year long investigation, which began on July 2, 2021, by the Paris Police Prefecture’s Cybercrime Unit.

As part of the investigation, French police intercepted recordings on the Jabber thesecure.biz server which accompanied the XSS forum to facilitate anonymous exchanges between cybercriminals.

These interceptions revealed that the arrested individual was allegedly linked to numerous illicit cybercrime and ransomware activities and established that they had generated at least $7m in profit.

Read more at InfoSecurity Magazine.

As posted on LinkedIn:

parquetdeparis

Machine translation:

As part of a judicial investigation file opened by the cybercrime section of the Parquet de Paris, the supposed administrator of the forum was arrested on 22 July in Ukraine by the Ukrainian authorities (Cyber Department, the Security Service of Ukraine and General Prosecutor’s Office of Ukraine), in the presence of the French police in charge of the investigation (Brigade de lutte contre la cybercrime Préfecture de Police de Paris ) and with the assistance of Europol.

Active since 2013, this forum was one of the main places for global cybercrime. It allowed the sale of malware, access to compromised systems, stolen data, and ransomware-related services. The forum was coupled with an encrypted Jabber messaging server, facilitating anonymous exchanges between cybercriminals.

The investigation opened on July 2, 2021 by the cybercrime section of the Parquet de Paris and entrusted to the Cybercrime Brigade of the judicial police of the police prefecture, led to the implementation of judicial recordings on the Jabber thesecure.biz server. The intercepted messages revealed numerous illicit cybercrime and ransomware activities, and established that they had generated at least $7 million in profit.

A judicial investigation had been opened on November 9, 2021, on charges of complicity in attacks on an automated data processing system, extortion in an organized gang, and criminal association.

Category: Non-U.S.Of Note