Russian authorities have detained the alleged administrator of LeakBase, a major cybercrime forum that facilitated the sale of hundreds of millions of stolen credentials and financial data since 2021.
Russian law enforcement authorities have arrested the alleged administrator of LeakBase, a major cybercrime forum that facilitated the sale of hundreds of millions of stolen credentials and financial data since 2021, according to state media reports.
The suspect, a resident of Taganrog, was detained for creating and managing the criminal platform that allowed stolen personal databases to be traded. During a search of the suspect's residence, technical equipment and other items of evidentiary value were confiscated.
According to Irina Volk, an official spokesperson for the Russian Ministry of Internal Affairs, "The platform hosted hundreds of millions of user accounts, bank details, usernames, and passwords, as well as corporate documents obtained through hacking." The forum had over 147,000 registered users who could buy and sell this data and use it to commit fraudulent acts against citizens.
LeakBase was dismantled earlier this month in a coordinated law enforcement operation. The U.S. Department of Justice described the cybercrime forum as one of the world's largest hubs for cybercriminals to buy and sell stolen data and cybercrime tools. The platform contained hundreds of millions of account credentials and financial information including credit and debit card numbers, banking account and routing information, usernames, and associated passwords that could be abused for account takeover attacks.
At the time of its takedown, LeakBase had over 142,000 members and more than 215,000 messages between members. Visitors to the clearnet site were greeted with a seizure banner stating that "All forum content, including users' accounts, posts, credit details, private messages, and IP logs, has been secured and preserved for evidentiary purposes."
The operation appears to have targeted a threat actor known by online aliases including Chucky, beakdaz, Chuckies, and Sqlrip. Investigations by cybersecurity firms KELA and TriTrace linked these aliases to a 33-year-old individual from Taganrog, Russia.
This arrest represents a significant blow to the underground cybercrime ecosystem, as LeakBase served as a major marketplace for stolen credentials and financial data that enabled widespread fraud and identity theft operations globally.
Comments
Please log in or register to join the discussion