{
	"id": "a5ee065c-fb53-48d0-9837-61def382f8a1",
	"created_at": "2026-04-06T00:14:09.718117Z",
	"updated_at": "2026-04-10T03:20:01.203072Z",
	"deleted_at": null,
	"sha1_hash": "bc110f0051f4fcf22a97581af6b4d34c3e67dcef",
	"title": "Popular Russian hacking forum XSS bans all ransomware topics",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1934290,
	"plain_text": "Popular Russian hacking forum XSS bans all ransomware topics\r\nBy Lawrence Abrams\r\nPublished: 2021-05-14 · Archived: 2026-04-05 16:21:20 UTC\r\nOne of the most popular Russian-speaking hacker forums, XSS, has banned all topics promoting ransomware to prevent\r\nunwanted attention.\r\nXSS is a Russian-speaking hacking forum created to share knowledge about exploits, vulnerabilities, malware, and network\r\npenetration.\r\nWith the rise of ransomware, Ransomware-as-a-Service (RaaS) gangs, such as REvil, LockBit, DarkSide, Netwalker,\r\nNefilim, have increasingly been using the forum to enlist new affiliates/partners to their operation.\r\nhttps://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nAfter DarkSide encrypted Colonial Pipeline and disrupted the U.S. fuel pipeline's operation, law enforcement and security\r\nresearchers have been increasingly scrutinizing the ransomware gang and sites that promote it.\r\nIn a forum post discovered by Advanced Intel's Yelisey Boguslavskiy, the owner of the XSS hacking forum, known as\r\n'Admin,' posted today that forum topics promoting ransomware are no longer allowed at the site.\r\nForum post banning ransomware topics\r\nThis post states that all \"Ransomware affiliate programs\", \"Ransomware rental\", and the \"sale of lockers (ransomware\r\nsoftware)\" are prohibited, and any existing topics will be deleted.\r\nThe reason for the ban is that the owner feels that ransomware brings unwanted attention to the site and \"has become\r\ndangerous and toxic.\"\r\nYou can read a portion of the translated text below:\r\n\"Degradation on the face. Newbies open up the media, see some crazy virtual millions of dollars that they will\r\nnever get. They don't want anything, they don't learn anything, they don't code anything, they just don't even\r\nthink, the whole essence of being comes down to \"encrypt - get $\". They just run to github, look for locker sorts\r\nthere and run to encrypt everything they see. Since our forum is aimed at beginners, this factor is important to us.\r\nToo much PR. Lockers (ransom) have accumulated a critical mass of nonsense, nonsense, hype, noise. When you\r\nmeet the \" Ransomvarny negotiator \" Profession , you understand that you are in the looking glass or just crazy.\r\nMoreover, 90% of this madness was created artificially, feeding this hype. Those who make good money on this\r\nnoise (exchanges, insurance, intermediaries, media, etc.)\r\nPolicy and hazard level. Peskov is forced to make excuses in front of our overseas \"friends\" - this is some kind of\r\nnonsense and exaggeration. The word ranso was equated with a number of unpleasant phenomena - geopolitics,\r\nextortion, government hacking. This word has become dangerous and toxic.\r\nLockers will exist for a long time. This phenomenon was too loudly promoted.\"\r\nRansomware gangs not happy\r\nShortly after the posting of the topics, representatives of the REvil ransomware gangs showed their displeasure. \r\nhttps://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/\r\nPage 3 of 5\n\nPost by REvil representative\r\nPost by LockBit operator\r\nWith ransomware gang's core members keeping a low profile, law enforcement targets the affiliates to weaken or force an\r\noperation to close down.\r\nAs more hacking communities make ransomware operations unwelcome, it will become harder for RaaS operations to\r\nrecruit new affiliates and promote their activities.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nhttps://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/\r\nPage 4 of 5\n\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/\r\nhttps://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/"
	],
	"report_names": [
		"popular-russian-hacking-forum-xss-bans-all-ransomware-topics"
	],
	"threat_actors": [],
	"ts_created_at": 1775434449,
	"ts_updated_at": 1775791201,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/bc110f0051f4fcf22a97581af6b4d34c3e67dcef.pdf",
		"text": "https://archive.orkl.eu/bc110f0051f4fcf22a97581af6b4d34c3e67dcef.txt",
		"img": "https://archive.orkl.eu/bc110f0051f4fcf22a97581af6b4d34c3e67dcef.jpg"
	}
}