SSU Cyber experts, together with the National Police of Ukraine, French law enforcement agencies, and Europol, have undermined the reputation of one of the main online platforms used by global cybercriminals.

For over 10 years, cybercriminals from around the world have utilized the forum to acquire the latest spyware developments and closed databases.

Following an international special operation in Kyiv, a developer of the platform with over 50,000 registered users was exposed. They included well-known hacker groups such as REvil, LockBit, Conti, and Qilin.

Using the forum's “services”, cybercriminals attacked automated management systems of banks, government agencies, and large corporations in the US and the European Union.

For example, criminals used malware purchased on the forum and privileged access to the computer networks of international companies to extort money.

In case of refusal, they threatened the victims with leaking their confidential data online and disrupting the organization's work.

Numerous cases of using online platform to recruit new members to hacker groups and sell the latest malware have also been documented.

During the international cyber operation, the location of the forum’s administrator was identified and its infrastructure was partially shut down.

During searches of the suspect's home, computer equipment, phones, and money were found, which he had obtained through cryptocurrency transactions while facilitating hacking activities.

The investigation is ongoing to identify all persons involved in the operation of the criminal forum and its participants.

The investigation was carried out under the procedural supervision of the Prosecutor General’s Office.