In the Darknet, a shadow market has existed and develops for a long time, which significantly fuels the entire cybercrower industry. We are talking about XSS.is – a closed forum that actively attracts the attention of advanced hackers. Recently it became known that access to accounts of this forum suddenly became a bargaining coin In digital bandits.
In September 2024, on Breachforums, a friend of the cybercrime forum, the user under the nickname “NOTWJ” posted an ad for the sale of fully activated XSS.is accounts with access to the mail. This proposal caused a stir in the cyber resident community. For a better understanding, it is important to note that XSS.is is known for its strict system for checking the participants.
The forum requires potential members of not only technical skills, but also a confirmed reputation in the field of cybercrime. Clanses take place of complex tests related to the solution of coding problems, and should also have recommendations from existing participants.
Sale of accounts of XSS.is opens the doors to the forum, and at the same time to the software and materials published there, for less qualified, but no less dangerous hackers, which can change the balance of power in the world of cyberism. However, the reputation of the forum after such an incident can hardly be envied.
Sale of accounts of XSS.is has serious consequences for cybersecurity. Now, even novice attackers can access tools and techniques previously accessible only to the elite. This increases the possible surface of the attack, creating additional difficulties for companies and organizations. In addition, this can lead to the emergence of a new type of service in cyber underground – providing access to exclusive forums and sites.
For law enforcement agencies, the situation is also complicated: the growth of the number of participants in closed circles of cybercriminals can violate current investigations and make it difficult to collect intelligence.
Thus, the sale of XSS.is accounts marks an important stage in the development of cybercrime. This process can not only violate the established hierarchies, but also make complex cyber attacks available to a wider circle of attackers.