Stunning...

DOJ charged two men over “AudiA6,” an alleged crypto laundering service tied to $389M in transactions since 2021. The international takedown hit servers, domains, Telegram accounts, crypto assets, and Dark2Web/AudiA6 sites. justice.gov/usao-edpa/pr/two… justice.gov/usao-edpa/media/… #AudiA6 #Dark2Web #cybercrime

Official statement from the DamageLib moderation team: Friends of Damaga! A few words about the current situation and the team’s plans going forward. As industry media have already reported, gliderexpert disappeared on June 3, 2026, at approximately 5:30 PM. Around the same time, the servers hosting the forum, file-sharing service, and Git went offline. The bad news is that, as it turned out, gliderexpert was the only person with access to the full forum backup. Of course, we also bear responsibility as organizers for losing the backups, but the platform’s OPSEC and overall security have always been, and remain, our priority. We do not know what happened to gliderexpert, and we have no way to find out. He is not responding through any available contacts, and as the classic saying goes: “Guys, we are no longer family friends and we no longer drink beer together.” What happens next? We got together as a team and decided that Damaga’s work must continue. There is also good news: we still have access to the clearnet domains, the XSS parsing, and all the scripts and plugins we developed, including encrypted SMS — all of that remains in our stash. Guys, we have decided to build DaMaGeLiB 2.0! Of course, we will lose almost a year of forum history, but this is not the first time something like this has happened to Damaga. Moreover, we understand that we will make up for what was lost. Despite the critics, we are confident that we have found our niche and that a non-commercial forum is fully viable. Once again, it will be useful for everyone to change their nicknames and start with a clean slate. Why not adopt this wonderful tradition of changing nicknames once a year? You will be able to verify all members of our team using public PGP keys. Let’s learn together how to verify each other through cryptography! At the moment, we ask you to be patient, wait for updates from us, AND DO NOT GIVE IN TO PROVOCATIONS. There is currently no official platform, but honeypots may appear. All official information will be published only on the domains: damagelib.hk, damagelib.tw; in the Telegram channel: t.me/damagelib; and on X: x.com/damagelib Wishing everyone a successful week and a great weekend AT THE DACHA with some shashlik :) Respectfully, your Damaga @DamageLib

ReHub forum Arbiter “Vinki” appears to be permanently banned by Weaver #darknet #underground #forum #cybersecurity

🐕 👓 💨 🤣

Silent #Ransom Group Impersonating IT Personnel through Social Engineering ic3.gov/CSA/2026/260526.pdf

Alone in a Cell Part 2: A Hacker, a Decade, and Survival Where a Guard Was Killed Over Boiling Water The second part of the #interview with #hacker Vladimir #Drinkman focuses on his years in US prisons, his release, and his plans for the future. He describes a harsh and often violent environment, recalling extreme incidents and the unsettling psychology of inmates, where even having three life sentences reduced to two is seen as a victory. He recounts witnessing a prison guard killed over boiling water and reflects on how such experiences shaped his view of prison life. He also notes that, outside prison, Americans tend to steer clear of hiring #Russian #hackers. After more than a decade behind bars, Drinkman speaks about his first days of freedom and the challenges of returning to normal life. He emphasizes that his past continues to shape his future, especially in the job market, where his background makes employers hesitant. gazeta.ru/tech/2026/05/04/22…

Alone in a Cell: A Hacker, a Decade, and a Pigeon Named Baksik The article is an #interview with #Russian #hacker Vladimir #Drinkman about his arrest in the Netherlands in 2012 and the more than 10 years he spent in European and U.S. prisons. He describes very different prison conditions, from harsh solitary confinement to relatively comfortable Dutch facilities, and says that during his isolation his only “friend” was a pigeon he named Baksik. Drinkman also recounts how he was eventually extradited to the United States in February 2015, flown there in chains, and placed in a tough New Jersey jail. The piece focuses less on #cybercrime details and more on the human side of his imprisonment, isolation, transfers between prisons, and survival in custody. gazeta.ru/tech/2026/04/29/22…

The Heart Wants What It Wants: Convenience and Moral Drift in Cybercrime pretalx.com/bsidescharm2026/… pretalx.com/bsidescharm2026/… @DrinkmanV @sky31337 @BSidesCharm

In January, the seizure of #RAMP disrupted the #ransomware community, forcing many actors to disperse across restricted forums such as #T1erOne and #Rehub. @insidedarknet conducted an exclusive interview with a @tieroneforum administrator. buymeacoffee.com/insidedarkn…

Interesting to read the articles!

А вот и конкурс статей для участников форума T1erOne, спонсируемый рансом-партнеркой cry0 #T1erOne #forum #cry0 #ransomware #TierOne

a new ransomware forum T1erOne that was opened right after the shutdown of the forum RAMP is paying hackers to write articles and the topics are quite interesting 🤔 - AI Assisted RCE Hunting - AI Assisted Reverse Engineering

Please note related fake results to this campaign impersonating KeePassXC , Joplin, Cyberduck, WinSCP, Amazon S3 browser, Emeditor and Putty🚨 Domains (5.8.18.129): winscp-download[.]us[.]org winscp-setup[.]net winscp-app[.]org mullvad-vpn[.]us[.]org mullvad-download[.]org mullvad-download[.]it[.]com winscp-downloads[.]com s3-browser[.]quest s3-browser-download[.]blog em-editor[.]co[.]com joplin-download[.]com joplin-desktop[.]app emeditor-download[.]co[.]com cyberduck[.]info cyber-duck[.]co[.]com filezilla-project[.]us[.]com putty-setup[.]us[.]com cyberduck-ftp[.]com cyberduck-download[.]org winscp-ftps[.]com Also observed using another EV cert from malicious signers "Shenzhen Xingzhongxing Electronic Technology Co., Ltd." (Sectigo) KeePass (keepassxc[.]us[.]org) fa68320fd6c7ea9849145066b7b13507cf4186900a218cdc67d387341632d825 b4ad76f7fab47d36f538df5f8f7b5d5f41f15a6c2c3a9c128dd1d49b3d96957c

Watch out for fake @mullvadnet VPN results delivering signed Powershell-loader malware! mullvad-vpn[.]us[.]org >> mullvad-download[.]org Sample: a4b6e81233ca2b8a4c6ace3da6344a7e0a8df92ee06c4763c7b18001c169b133 signed "Xiamen Quanlian Information Technology Co., Ltd." (Sectigo) Detonation: app.any.run/tasks/ebcbc591-6… This malware executes obfuscated Powershell code from metrics.msft17[.]com/run/XYaR5gFi (Find it here 7b7c3c662d06de7dd0bc41a6fee99cd6d460d204aab7ade67e321bebf04b7447) The malware uses host events[.]ms709[.]com as a botnet C2 with encoded communications

Mastermind Behind REvil and GandCrab Revealed: Daniil Shchukin (“UNKN”) krebsonsecurity.com/2026/04/…

May Christ’s light continue to shine over our great nation.

Russia 🇷🇺 sentenced the carding gang leader “Flint” and 25 associates for large-scale payment fraud, mainly targeting stolen financial data, highlighting rare domestic prosecution of cybercriminals tied to global fraud networks. therecord.media/russia-flint… More information: t.me/cIub1337/490

Footage of the detention of the administrator of LeakBase forum in Taganrog, Rostov Region, Russia 🇷🇺. Via MVD representatives Report: "According to available information, the platform hosted hundreds of millions of user accounts, bank details, logins and passwords, as well as corporate documents obtained as a result of hacking. Over 147 thousand users registered on the forum could buy and sell this data, as well as use it to commit fraudulent actions against citizens. During the search at the detainee's residence, technical equipment and other items of evidentiary significance were seized. A criminal case has been initiated by the investigator of the Main Investigative Department of the Ministry of Internal Affairs of Russia in Moscow on the grounds of crimes provided for in parts three and six of Article 272.1 of the Criminal Code of the Russian Federation. A preventive measure in the form of detention has been chosen against the defendant."

Russian Citizen Sentenced to Prison for #Hacking into U.S. Companies and Enabling Major #Cybercrime Groups to Extort Tens of Millions of Dollars “Volkov, 26, of St. Petersburg, Russia, was an “initial access broker,” that is, a person who specializes in gaining unauthorized access to computer networks and systems of corporations and organizations and selling that access to other cyber threat actors such as ransomware groups. #Volkov found vulnerabilities in computer networks and systems, identified ways to access those networks and systems without authorization, and sold that illicit access to conspirators who were also cybercriminals.” justice.gov/opa/pr/russian-c…