Alleged admin of Russian-speaking cybercrime platform XSS arrested in Ukraine

Authorities in Kyiv arrested the suspected administrator of xss.is, one of the most notorious Russian-speaking cybercrime forums in the world. The arrest comes after a multi-year investigation led by French law enforcement, in close collaboration with Ukrainian authorities and Europol.

The suspect, whose identity has not yet been publicly disclosed, was apprehended on July 22 as part of a coordinated international operation aimed at dismantling criminal infrastructure and gathering critical evidence. According to investigators, the suspect ran xss.is, a forum boasting over 50,000 registered users, where stolen data, hacking tools, and illicit cyber services were traded.

As the forum’s administrator, the suspect reportedly served as an arbitrator in disputes between criminals and ensured secure transactions, effectively functioning as a trusted third party. He is also suspected of running thesecure.biz, a private messaging service designed specifically for cybercriminal communications.

Authorities estimate the suspect earned over EUR 7 million through advertising revenues and facilitation fees. With alleged activity stretching back nearly two decades, the administrator is thought to have maintained longstanding relationships with some of the most prolific and dangerous threat actors online.

The investigation was launched by France in 2021. The arrest in Kyiv is the latest in a series of enforcement actions targeting the forum’s infrastructure and affiliates.
