{"id":40880,"date":"2021-05-14T20:43:32","date_gmt":"2021-05-14T20:43:32","guid":{"rendered":"http:\/\/b89e1af5-4c76-4642-bcc0-93ff6b1c6799"},"modified":"2021-05-14T20:43:32","modified_gmt":"2021-05-14T20:43:32","slug":"russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/","title":{"rendered":"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/a\/hub\/i\/r\/2020\/12\/11\/f9b7e299-ea2c-480b-a697-35ab2dbf0612\/thumbnail\/770x578\/00f418eb7975c5726d70a42cf1b2bfcf\/istock-ransomware.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Cybersecurity researchers with Flashpoint, Digital Shadows&#8217; Photon Research Team and other firms have confirmed that XSS, a popular cybercriminal forum, has outright <a href=\"https:\/\/www.flashpoint-intel.com\/blog\/darkside-faces-xss-ban-servers-seized\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">banned ransomware sales<\/a>, ransomware rental, and ransomware affiliate programs on their platform, according to a announcement released in Russian.&nbsp;<\/p>\n<p>The move comes after global scrutiny of ransomware groups increased following a <a href=\"https:\/\/www.zdnet.com\/article\/colonial-pipeline-restarts-operations-brought-down-by-ransomware\/\">damaging attack on Colonial Pipeline<\/a> that left parts of the United States with gas shortages for days.&nbsp;<\/p>\n<p>Flashpoint reported that on Thursday evening, an administrator of XSS said the decision to outlaw the ransomware activities of active groups like REvil, Babuk, Darkside, LockBit, Nefilim, and Netwalker was due to &#8220;ideological differences&#8221; as well as the increased media attention resulting from latest high profile attacks.&nbsp;<\/p>\n<p>The statement said the &#8220;critical mass of nonsense, hype, and noise&#8221; was leading to concerns among the forum&#8217;s members about law enforcement. They cited a <a href=\"https:\/\/www.usnews.com\/news\/world-report\/articles\/2021-05-11\/russia-denies-involvement-in-darkside-attack-on-colonial-pipeline\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">recent comment from Dmitry Peskov<\/a>, press secretary for Russian President Vladimir Putin, that said the Russian state was not involved in the attack on Colonial Pipeline.<\/p>\n<p>&#8220;Peskov is forced to make excuses in front of our overseas &#8216;friends&#8217; \u2013 this is a bit too much,&#8221; the statement said, according to Flashpoint&#8217;s translation. The company noted that by 7 am on Friday, all of DarkSide&#8217;s posts in the forum had been removed.&nbsp;<\/p>\n<p>DarkSide is allegedly feeling the pressure in other ways, according to Flashpoint, with the group sending out a statement on another cybercriminal forum, Exploit, claiming to have had some of their tools disrupted.&nbsp;<\/p>\n<p>In a now deleted post, DarkSide representatives wrote that the group had &#8220;lost access to the public part of our infrastructure,&#8221; which included the group&#8217;s blog, their payment server and DOS servers.<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\"> <\/section>\n<p>The group claimed that &#8220;funds from the payment server (ours and clients&#8217;) were withdrawn to an unknown address.&#8221; Some security analysts questioned whether the claims were real and wondered whether the message <a href=\"https:\/\/twitter.com\/ddd1ms\/status\/1393164738863980545\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">was simply a ruse to reduce<\/a> the government scrutiny of their actions.&nbsp;<\/p>\n<p>DarkSide&#8217;s situation was also having an effect on other ransomware gangs like REvil, which released a new set of &#8220;guidelines&#8221; urging its members to stay away from healthcare and educational institutions as well as government organizations. The new rules demand that all new targets must be agreed upon by the leaders of the group, according to the message found by Flashpoint.&nbsp;<\/p>\n<p>Representatives for the Avaddon ransomware released similar guidelines on Exploit, according to Digital Shadows. In the last week, both the FBI and the Australian Cyber Security Centre have <a href=\"https:\/\/blog.malwarebytes.com\/ransomware\/2021\/05\/avaddon-ransomware-campaign-prompts-warnings-from-fbi-acsc\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">released notices specifically about Avaddon<\/a>.&nbsp;<\/p>\n<p>&#8220;After the closure of DarkSide, the ransomware landscape is dominated by four major collectives: REvil, LockBit, Avaddon, and Conti. Flashpoint assesses with moderate confidence that well-established ransomware collectives\u2014including REvil, LockBit, Avaddon, and Conti\u2014will continue to operate in private mode,&#8221; the Flashpoint report added.<\/p>\n<p>&#8220;Additionally, ransomware collectives will likely begin to advertise recruitment for new affiliates via their own leak sites since many cybercriminal forums, like XSS, and other similar platforms used for ransomware advertisements will now likely refuse to host their activities.&#8221;<\/p>\n<p>Digital Shadows noted that DarkSide still has a recruitment thread on Exploit, although it has not been updated since April.&nbsp;<\/p>\n<p>Roger Grimes, data driven defense evangelist at KnowBe4, said the fear among security researchers is that much of this is window dressing so that major powers involved can say something was done.<\/p>\n<p>He noted that one of the main problems with ransomware &#8212; that the people behind it cannot be arrested &#8212; is still a major issue that will lead to more attacks.&nbsp;<\/p>\n<p>&#8220;On top of that, many countries are absolutely cybercrime safe havens. Many countries have no problem with cyber criminals originating from their country as long as the criminals don&#8217;t attack their own countries and tacitly agree to do favors for the government, if asked,&#8221; Grimes explained, adding that some nations use stolen money to help fund government services. &nbsp;<\/p>\n<p>&#8220;It funds it directly because the perpetrators are paying expensive local and political bribes to stay in business, and indirectly because they spend the money on goods and services in the country. In many countries cybercriminals are almost celebrated by the officials.&#8221;&nbsp;<\/p>\n<p>Due to the unwanted attention brought by attacking a critical pipeline like Colonial&#8217;s, Grimes said some of those involved in DarkSide may get punished or arrested but countries will not stop serving as cybercrime havens because of how lucrative it is.&nbsp;<\/p>\n<p>&#8220;The only lesson learned in this case is that a new boundary has been set. Don&#8217;t do something that causes energy shortages that gets the other nation&#8217;s government upset,&#8221; Grimes said. &#8220;But will it stop them from stealing tens of billions of dollars from tens of thousands of businesses and individuals? No.&#8221;&nbsp;<\/p>\n<p>He added that drastic action needed to be taken on a global scale to stop countries from protecting ransomware gangs who operated with impunity, noting that the UN <a href=\"https:\/\/front.un-arm.org\/wp-content\/uploads\/2021\/03\/Final-report-A-AC.290-2021-CRP.2.pdf\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">has already started an effort<\/a> to get countries to sign something akin to a &#8220;digital Geneva Convention,&#8221; although it is unlikely to get very far, Grimes said.&nbsp;<\/p>\n<p>KnowBe4 security awareness advocate Erich Kron said XSS sent a strong signal by banning these players from their forum but noted that until countries band together to do something about ransomware, little will change.&nbsp;<\/p>\n<p>&#8220;Between the pipeline issue, attacks on hospitals that closed trauma centers and emergency departments, and the loss of life suffered when a German hospital was taken down, it is no wonder the heat is on these cyber criminals,&#8221; Kron said.&nbsp;<\/p>\n<p>&#8220;It has become painfully obvious that ransomware poses a serious threat to life and to the welfare of individuals, even outside the organizations that are ransomed. Ultimately, to take a bite out of these gangs, governments across the globe need to band together and shut down the illicit infrastructures and arrest the players. We must make the risk higher than the reward if we want to put an end to this dangerous trend.&#8221;<\/p>\n<p> READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The move follows a number of disruptions to DarkSide\u2019s operations in the last 24 hours.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":40881,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-40880","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-14T20:43:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups\",\"datePublished\":\"2021-05-14T20:43:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/\"},\"wordCount\":1015,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/\",\"name\":\"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg\",\"datePublished\":\"2021-05-14T20:43:32+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/","og_locale":"en_US","og_type":"article","og_title":"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-05-14T20:43:32+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups","datePublished":"2021-05-14T20:43:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/"},"wordCount":1015,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/","url":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/","name":"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg","datePublished":"2021-05-14T20:43:32+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups.jpg","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/russian-language-cybercriminal-forum-xss-bans-darkside-and-other-ransomware-groups\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Russian-language cybercriminal forum \u2018XSS\u2019 bans DarkSide and other ransomware groups"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40880","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=40880"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40880\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/40881"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=40880"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=40880"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=40880"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}