Russian Underground Cybercriminal Forum Hacked

A closed underground forum that served as a hangout for some of the most notorious Russian cybercriminals was hacked and its entire database was leaked.

According to LifeNews.ru [Google translation], MAZA.la was compromised on February 18 by hackers from a rival forum called Direct Connection.

Direct Connection is home to the CyberLords Team, the hacking crew of 27-year-old Eugene Anikin, one of the fraudsters who stole $10 million from RBS WorldPay.

Anikin recently received a five-year suspended prison sentence in Russia for his involvement in the RBS cyberheist.

MAZA.la also had its notorious members, such as Vladislav Horohorin, aka BadB, founder of the CarderPlanet underground marketplace.

An Ukranian national, Horohorin was arrested last year in France as he was boarding a plane bound for Moscow. The FBI sought to extradite him to the United States so he could face charges of fraud and identity theft.

Russian spammer and malware writer Peter Levashov, aka "Severa," was also a MAZA.la forum regular, as well as well known identity thieves Sergey Kozerev, aka "zo0mer," and Roman Khoda, aka "My0," who are still wanted by U.S. authorities.

In total, MAZA.la had over 2,000 members whose information and private communications are now in the hands of law enforcement authorities.

The site was taken offline shortly after the hack and remains down at the time of writing this article. It's unclear if it will ever return.

Life News reports that RSA, the Anti-Money Laundering Alliance and the International Information Systems Forensics Association (IISFA) all have access to the leaked database.

Discussions on the forum ranged from the emergence of new banking trojans like SpyEye, to dealing in fake documents, trading of online casino and lottery accounts and exchanging money laundering methods.

Hopefully this leak will help law enforcement agencies in their cybercriminal investigations.