Belarusian Authorities Seized a Popular Hacking Forum


Belarusian law enforcement seized and shutdown XakFor, one of the largest hacking forums on the internet, according to a statement from the Ministry of Internal Affairs. The forum had almost 30,000 active users at the time of the seizure and several thousand active users every day.

Correction made 09/07/19: Originally provided an inaccurate number of users for Torum. The forum now has 30,000 users or more with constant user activity.

The seizure went majorly unnoticed by news outlets outside of Belarus. Catalin Cimpanu of ZDNet wrote that law enforcement had already removed the seizure banner by the time he had published an article about the seizure (September 5). The Belarusian news outlet Reformation published an article about the takedown on August 23.

The XakFor Seizure Banner | credit: ZDNet

The XakFor Seizure Banner | credit: ZDNet

The forum, XakFor, launched in 2012 in Belarus. The forum increased in popularity until, according to Cimpanu, it developed a reputation as “the Russian version of HackForums.” Like HackForums, the site had a low barrier of entry that contributed to its popularity with so-called “newbie hackers.” Site users shared various forms of malware, such as RATs and ransomware. Users also stole the work of more successful hackers, cracked it, and resold it on XakFor.

Cimpanu suggested that the increased popularity of the forum let the takedown. Belarusian authorities identified XakFor as a forum hosted in Belarus recently, located the host, and seized the domain. XakFor operated exclusively on the clearnet instead of the darkweb, “a reason many now believe led to its demise,” the ZDNet author wrote.

Similar forums on the darkweb have operated smoothly for years; drug markets are often prioritized by law enforcement in the United States and Russian cybercrime forums usually operate without significant interference from law enforcement. Other darkweb forums with a similar focus on cybercrime and digital activities instead of drug distribution, such as Torum, often maintain a low enough profile to avoid prioritization by even international taskforces Torum, even with its relatively low profile, has 30,000 users as of publication.

There is very little public information about the case and the majority of that information is available in the ZDNet article. I have no interest in rewriting existing content without providing any additional information.

If any of my readers speak Russian and can translate the statement by Olga Chemodanova, the press secretary of the Ministry of Internal Affairs, feel free to get in touch.

No Comments


Do not trust any links posted in the comments section.