In a coordinated international effort, the US Federal Bureau of Investigation (FBI), Europol, and law enforcement agencies from 14 countries have dismantled LeakBase, one of the most notorious cybercrime forums on the internet. The takedown, which took place on March 3 and 4, marks a significant victory in the ongoing battle against cybercrime.
A Hub for Cybercriminals
LeakBase, with over 142,000 members and more than 215,000 messages, was a bustling marketplace where hackers could buy and sell stolen data, cybercrime tools, and other illicit services. The forum’s shutdown not only disrupts a major platform for cybercriminal activity but also sends a strong message to the global cybercrime community.
Operation Details
The takedown operation involved synchronized actions across 14 countries, with authorities seizing user accounts, posts, credit details, private messages, and IP logs for evidentiary purposes. The FBI Cyber Division Assistant Director, Brett Leatherman, stated, “The FBI, Europol, and law enforcement agencies from around the world executed a takedown of LeakBase, one of the largest online cybercriminal platforms, seizing users’ accounts, posts, credit details, private messages, and IP logs for evidentiary purposes.”
Global Impact
Following the operation, authorities replaced the site with seizure banners, issued prevention notices to members, and collected additional evidence. Search warrants and arrests were executed in the United States, Australia, Belgium, Poland, Portugal, Romania, Spain, and the United Kingdom. Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division emphasized the significance of the takedown: “The disruption of this cyber forum disrupts a major international platform that cybercriminals use to obtain and profit from the theft of sensitive personal, banking, and account credentials.”
Rising Cyber Threats in the Crypto Industry
While the takedown of LeakBase is a significant step, the crypto industry continues to face rising threats. Over the past year, there has been a notable increase in leaked exchange credentials, insider data exposure, and social engineering attempts. In May 2025, cybercriminals reportedly bribed overseas customer service contractors to gain access to Coinbase’s internal systems, stealing personal data that could be used for social engineering scams or physical extortion.
Similarly, almost 60,000 Bitcoin addresses tied to LockBit’s ransomware infrastructure were leaked after hackers breached the group’s dark web affiliate panel. More recently, a trader known as TraderSZ claimed that a former Revolut employee threatened to expose his identity and private information unless he paid a ransom and contacted members of his family.
Looking Forward
The takedown of LeakBase is a crucial step in the fight against cybercrime, but the battle is far from over. The crypto industry must remain vigilant and continue to strengthen its security measures to protect users from emerging threats. Law enforcement agencies are likely to intensify their efforts to disrupt other cybercrime forums and hold cybercriminals accountable for their actions.
About the Author
