Cyber Crime

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet.

Belarusian police have seized the servers of XakFor (xakfor[.]net), a popular hacking forum a place frequented by hackers, malware authors, scammers and cybercriminals.

The news was first reported by the Belarusian news outlet Reformation.

“This resource has been revealed divisions on the fight against cybercrime and the Interior Ministry of Internal Affairs of Minsk region in the course of carrying out activities aimed at ensuring the provisions of the Information Security Concept of the Republic of Belarus ” , – said the deputy head of the management of the disclosure of crimes in the sphere of high MVD RB Lieutenant Colonel technologies Kirill Vyatkin .

“As a result, the Ministry of Internal Affairs and the IC joint efforts were able to close the site.”

Unlike other crime forums, XakFor was not hosted on anonymizing networks like Tor and I2P.

The seizure of XakFor has been announced by the Belarusian Ministry of Internal Affairs.

XakFor has been active since 2012, most of its visitors were Russian-speaking hackers and crooks. The site was considered the right place online where to find free malware or to buy not sophisticated malicious codes, including ransomware and RAT.

According to Belarusian authorities, XakFor had more than 28,000 registered accounts at the time of seizure that took place last month.

It was initially a closed invite-only community and was frequented by most prominent Russian hackers and crooks, later the admins decided to open registrations to all users. Then the vast majority of the visitors were newbie hackers that were starting their criminal carrier.

“The forum’s reputation changed accordingly, and in the past half-decade, XakFor became the Russian version of HackForums — an English-speaking forum populated by low-skilled hackers,” reported ZDNet.

Not all the malware were authentic, some of them were cracked versions, while others were backdoored.

The Bielorussian authorities launched an investigation on the forum and discovered it was hosted in Bielorussia then sent a takedown notice to take shutdown it.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – XakFor forum, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Palo Alto Networks fixed multiple privilege escalation flaws

Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions.…

20 hours ago

Unusual toolset used in recent Fog Ransomware attack

Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec…

23 hours ago

Paraguay Suffered Data Breach: 7.4 Million Citizen Records Leaked on Dark Web

Resecurity researchers found 7.4 million records containing personally identifiable information (PII) of Paraguay citizens on…

2 days ago

Apple confirmed that Messages app flaw was actively exploited in the wild<gwmw style="display: none; background-color: transparent;"></gwmw>

Apple confirmed that a security flaw in its Messages app was actively exploited in the…

2 days ago

Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer

Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer…

2 days ago