LeakBase Hacker Forum Admin Arrested in Russia Enforcement Authorities

Russian authorities have arrested the suspected administrator of LeakBase, a prominent international hacker forum.

The operation, coordinated by the Russian Ministry of Internal Affairs (MVD) alongside the Bureau of Special Technical Measures (BSTM), dismantled a platform that traded in stolen personal data and compromised network access for four years.

Authorities apprehended the suspect in Taganrog, a city in Russia’s Rostov Oblast, delivering a major blow to the underground data trading ecosystem.

According to Irina Volk, the official spokesperson for the MVD, the forum functioned as a massive underground marketplace with over 147,000 registered members.

It hosted hundreds of millions of stolen records, including user account credentials, banking details, and sensitive corporate documents.

Threat actors heavily leveraged this repository to execute secondary attacks, such as credential stuffing, identity theft, and targeted financial fraud.

Corporate documents traded on the platform also provided initial access brokers with the necessary leverage to breach enterprise networks.

LeakBase Hacker Forum Admin Arrested

During a targeted raid at the suspect’s residence, authorities seized critical technical equipment, including servers and external storage media.

Investigators will subject this hardware to deep digital forensic analysis to map the forum’s infrastructure and uncover hidden operational details.

Access logs, private communications, and cryptocurrency wallets found on these devices could help law enforcement identify the platform’s top sellers.

This intelligence may eventually allow authorities to track down the threat actors responsible for the original data breaches.

Following the raid, an investigator from the Main Investigative Directorate of the MVD for Moscow officially opened a criminal case against the detainee.

The suspect faces serious charges under Article 272.1, Parts 3 and 6 of the Russian Criminal Code, which specifically addresses the illegal access to computer information. The defendant remains remanded in custody while the joint investigation continues.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.