After the attack on the Colonial Pipeline, the fight against ransomware intensified, and the XSS forum decided to “disown” all topics promoting ransomware to prevent unwanted attention.
One of the most popular Russian-language cybercrime forums, XSS, has banned all ransomware topics in order not to attract unwanted attention after the attack on the Colonial Pipeline.
XSS is a hacking forum was created to share exploits, vulnerabilities, malware, and network access. However, as ransomware grew in popularity, Ransomware-as-a-Service (RaaS) groups such as REvil, LockBit, DarkSide, Netwalker, and Nefilim began to use it. for recruiting partners.
After the DarkSide attack on the American fuel giant Colonial Pipeline left gasoline shortages across the US West Coast, law enforcement and security researchers have stepped up their fight against cyber ransomware groups and ransomware sites.
On May 13 this year, the owner of XSS, known as Admin, posted a statement banning ransomware ads on the forum.
“Friends, on our forum lockers (Ransomware) and everything connected with them are prohibited. Namely: Ransomware affiliate programs, Ransomware rental, sale of lockers (Ransomware software). All topics covered by this rule have been removed. Fortunately, only a few of them were found, ”the message says.
As Admin explained, he himself “doesn’t like lockers.” According to him, the forum is technical in nature and is intended for knowledge exchange, training and writing articles. The purpose of ransomware is solely to make money.
“The goals are not the same. No, of course, everyone needs money, but not to the detriment of basic aspirations. We are not a market or a marketplace, ”said Admin.
You can read a portion of the translated text below:
“Degradation on the face. Newbies open up the media, see some crazy virtual millions of dollars that they will never get. They don’t want anything, they don’t learn anything, they don’t code anything, they just don’t even think, the whole essence of being comes down to “encrypt – get $”. They just run to github, look for locker sorts there and run to encrypt everything they see. Since our forum is aimed at beginners, this factor is important to us.
Too much PR. Lockers (ransom) have accumulated a critical mass of nonsense, nonsense, hype, noise. When you meet the ” Ransomvarny negotiator ” Profession , you understand that you are in the looking glass or just crazy. Moreover, 90% of this madness was created artificially, feeding this hype. Those who make good money on this noise (exchanges, insurance, intermediaries, media, etc.)
Policy and hazard level. Peskov is forced to make excuses in front of our overseas “friends” – this is some kind of nonsense and exaggeration. The word ranso was equated with a number of unpleasant phenomena – geopolitics, extortion, government hacking. This word has become dangerous and toxic.
Lockers will exist for a long time. This phenomenon was too loudly promoted.”