Latest news with #XSS.is
Local France
23-07-2025
- Local France
Top cybercrime forum manager arrested in Ukraine: French prosecutors
Industry experts describe as one of the longest-running dark web forums. 'On Tuesday, July 22nd, a person suspected of being the administrator of the Russian-language cybercrime forum was arrested as part of a criminal investigation opened by the Paris public prosecutor's office,' Paris prosecutor Laure Beccuau said in a statement. 'Active since 2013, this forum was one of the main hubs for global cybercrime,' Beccuau said, adding that enabled the sale of malware, access to compromised systems, stolen data, and ransomware-related services. 'The forum also operated an encrypted Jabber messaging server, facilitating anonymous exchanges between cybercriminals,' the statement added. An investigation was launched in July 2021 and was handed over to investigating magistrates in November the same year. 'A judicial investigation was opened on November 9th, 2021, on charges of complicity in attacks on an automated data processing system, organised extortion, and criminal conspiracy,' Beccuau said. 'The intercepted messages revealed numerous illicit activities related to cybercrime and ransomware, and established that they generated at least $7million in profits,' Beccuau added. Advertisement The suspected forum administrator was arrested by Ukrainian authorities with the help of the French police in charge of the investigation and Europol. French and European authorities are stepping up cooperation on arrests linked to cybercrime, while reports of cyberattacks targeting public entities and private groups are mounting.
Straits Times
23-07-2025
- Straits Times
Suspect linked to Russian language cybercrime forum arrested in Ukraine
Find out what's new on ST website and app. PARIS - A person suspected of being the administrator for the Russian language cybercriminal forum was arrested in Ukraine this week, the French public prosecutor's office and the pan-European police body Europol said on Wednesday. Europol said the suspect - whose name has not been given - was thought to have earned more than 7 million euros ($8.20 million) via the forum. "The forum's administrator was not only a technical operator but is believed to have played a central role in enabling criminal activity," a Europol statement said. "Acting as a trusted third party, he arbitrated disputes between criminals and guaranteed the security of transactions. He is also believed to have run a private messaging service tailored to the needs of the cybercriminal underground," it added. Europol said the cybercrime forum had more than 50,000 registered users and served as a key marketplace for stolen data, hacking tools and other illegal services. The suspect was arrested in Kyiv on Tuesday in a police operation involving Ukrainian authorities, according to French police and Europol. REUTERS
The Sun
23-07-2025
- The Sun
Ukraine arrests top cybercrime forum admin with French-Europol aid
PARIS: A key administrator of a prominent Russian-language cybercrime forum, has been detained in Ukraine through a joint operation involving French law enforcement and Europol. The Paris prosecutor's office confirmed the arrest on Wednesday, marking a significant breakthrough in a long-running investigation. Industry analysts identify as one of the most enduring dark web platforms. Laure Beccuau, Paris public prosecutor, stated, 'On Tuesday July 22, a person suspected of being the administrator of the Russian-language cybercrime forum was arrested as part of a criminal investigation opened by the Paris public prosecutor's office.' The forum, operational since 2013, served as a central marketplace for cybercriminal activities. Beccuau noted, 'Active since 2013, this forum was one of the main hubs for global cybercrime,' facilitating transactions involving malware, compromised system access, stolen data, and ransomware services. Investigators uncovered that also hosted an encrypted Jabber messaging server, enabling anonymous communication among cybercriminals. The probe began in July 2021 before being escalated to investigating magistrates by November that year. Beccuau added, 'A judicial investigation was opened on November 9, 2021 on charges of complicity in attacks on an automated data processing system, organised extortion, and criminal conspiracy.' Intercepted communications exposed extensive illegal operations, with profits estimated at over $7 million. The arrest was executed by Ukrainian authorities with support from French investigators and Europol. This operation highlights growing cross-border collaboration against cybercrime as attacks on public and private entities surge. - AFP
The Star
23-07-2025
- The Star
Suspect linked to Russian language cybercriminal forum arrested in Ukraine, says France
PARIS (Reuters) -A person suspected of being the administrator for the Russian language cybercriminal forum was arrested in Ukraine, with the assistance of the French police and Europol, the French Public Prosecutor's Office said on Wednesday. Active since 2013, this forum was one of the main hubs for global cybercrime. It facilitated the sale of malware, access to compromised systems, stolen data, and ransomware-related services. The forum was paired with an encrypted Jabber messaging server, facilitating anonymous exchanges between cybercriminals, the statement added. (Reporting by Dominique Vidalon;Editing by Sudip Kar-Gupta)
Yahoo
16-07-2025
- Yahoo
Former 21-year-old soldier stationed in Texas pleads guilty to hacking, extortion scheme
TEXAS (WHNT) — A former U.S. Army soldier stationed at Fort Cavazos entered a guilty plea in federal court Tuesday. According to federal documents and the U.S. Department of Justice, 21-year-old Cameron John Wagenius used online accounts associated with the nickname 'kiberphant0m' to conspire with 3 other people to defraud at least 10 victim organizations. The DOJ said Wagenius did so by obtaining login credentials for the organization's protected computer networks between April 2023 and December 18, 2024. Huntsville International Airport sets monthly passenger traffic record for June The DOJ said the conspirators obtained the credentials using a hacking tool called SSH Brute, among other names. The DOJ said they used Telegram group chats to transfer the stolen credentials and talk about gaining access to victim companies' networks. The release says all of this happened while Wagenius was on active duty with the U.S. Army. 'After data was stolen, the conspirators extorted the victim organizations both privately and in public forums. The extortion attempts included threats to post the stolen data on cybercrime forums such as BreachForums and The conspirators offered to sell stolen data for thousands of dollars via posts on these forums. They successfully sold at least some of this stolen data and also used stolen data to perpetuate other frauds, including SIM-swapping. In total, Wagenius and his co-conspirators attempted to extort at least $1 million from victim data owners.' U.S. Department of Justice The plea agreement says Wagenius and the co-conspirators, after gaining access to the victim's accounts, threatened to leak the stolen data unless a ransom was paid. From there, the federal document says the conspirators worked to gain access to 'hundreds of thousands' of sensitive business and customer records. This information included non-content call and text history records, telecommunication identifying information and other personally identifiable information. Some examples of the messages sent to the victims are listed below, per federal documents. 'At least on or about April 23, 2023, until at least June 16, 2023, Defendant, Co-Conspirator-1 and others participated in a Telegram group chat. The chat members repeatedly discussed stealing computer credentials, including through brute force attacks used to guess username and password combinations, and transferred stolen credentials among themselves.' DOJ Plea Agreement Document '[I]n or about May 2024, Defendant and Co-Conspirator-1 accessed the computer systems of Victim-1, a telecommunications company located overseas, and stole information pertaining to hundreds of thousands of Victim-1's customers. This stolen information included International Mobile Subscriber Identity, SIM card numbers, maskerkey, and other information needed to successfully clone SIM cards.' DOJ Plea Agreement Document '[I[n or about August and September 2024, Defendant, Co-Conspirator-1, Co-Conspirator-2, and Co-Conspirator-3 accessed the protected computer systems of Victim-3, a tecnology company located in the United States and stole information pertaining to thousands of Victim-2's customers, including telephone numbers belonging to real people who were Victim-2's customers. Victim-2 was a telecommunications company located in the United States, and some of Vicitm-2's stolen data was hosted on Victim-3's computer systems located in Texas and North Carolina.' DOJ Plea Agreement Document 'Defendant and others publicly and privately extorted victims by threatening to sell or otherwise distribute their stolen data unless the victims paid ransoms. They did so through online posts on online cybercrim forums catering to criminals, such as BreachForums and Telegram channels dedicated to online frauds and other cybercrimes; direct messages on Telegram; and other online platforms such as X (formerly known as Twitter). Some of these posts and messages offered to sell the data in exchange for fiat currency and cryptocurrency, while others attempted to extort the victim companies, requesting payment in order to avoid publication of the stolen data. Some posts also published sample data stolen from the victims. The platforms on which these posts were made could be accessed from computers located anywhere in the world, including the Western District of Washington.' DOJ Plea Agreement Document '[O]n or about October 22, 2024, Defendant contacted Victim-2 and wrote, 'If I'm not contacted all 358+ [gigabytes] of data on the [Victim-2] network will be released.' Defendant sent this message, which was transmitted in interstate and foreign commerce, as part of Defendant's efforts to extort a ransom payment from Victim-2. DOJ Plea Agreement Document '[O]n or about November 6, 2024, Defendant sent multiple emails to Victim-4, a telecommunications company located in the United States, sharing sample stolen data and threatening to leak more online unless he was paid '500k USD in the form of cryptocurrency.' Defendant stated, '[i]n the event of [Co-Conspirator-2's] arrest I was to takeover negotiations.' DOJ Plea Agreement Document The department said on Tuesday, Wagenius pleaded guilty to the following charges: Conspiracy to commit wire fraud Extortion in relation to computer fraud Aggravated identity theft. Tri-agency traffic enforcement targets excessive speeding on I-565 He is currently scheduled to be sentenced on Oct. 6 and faces a maximum penalty of 20 years in prison for conspiracy to commit wire fraud, a maximum penalty of five years in prison for extortion in relation to computer fraud, and a mandatory two-year sentence consecutive to any other prison time for aggravated identity theft. Wagenius was first indicted on December 18, 2024, in Seattle, Washington, federal court documents say. The plea agreement, obtained by News 19, says Wagenius waived his right to be charged by indictment as well as waived his right to have the incident tried before a jury. As a result of these waivers, he agreed to enter a guilty plea. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Solve the daily Crossword
