= XSS.is =

XSS.is
- Logo: Logo of XSS.is.svg
- Type: Internet forum
- Language: Russian
- Predecessor: DaMaGeLaB
- Owner: "Toha"
- Creator: Sergey Yarets
- Url: xss.is

XSS.is was a Russian-language underground cybercrime internet forum known for facilitating the trade of malware, exploits, access to compromised systems, and offering a meeting ground for threat actors and ransomware affiliates.

== History ==
XSS.is was created in 2013 as a hub for cyber criminals and APT actors to trade, buy, and sell malware, ransomware as a service, and exploits. The forum was created as a successor to the forum DaMaGeLaB created in 2004 and after the arrest of forum admin Sergey Yarets in December 2017, known as Ar3s on the forum, XSS.is became the main successor. At its peak it had more than 50,000 users registered and active. It was considered one of the longest running cyber crime forums on the internet.

=== Shut down and seizure ===
French authorities have been monitoring and intercepting data and messages through a Jabber-based messaging service known as thesecure.biz which was run by the admins of XSS.is and used by cyber criminals since early 2021. Because of the leaked messages, authorities were able to estimate a profit by the administrator to be ~7 million euros (8 million USD). Through the interception of data and wiretaps by French authorities, they were able to identify the suspected administrator of XSS.is which led to his arrest. The administrator, who ran the forum under the alias Toha, would be found to be living in Kyiv, Ukraine. Moments before the forum was shut down members started talking about the inability to message on thesecure.biz noting it may have been hijacked. These investigations would lead to his arrest and the site's seizure on July 22, 2025.
