EUROOPOL splits a cybercrime forum, part of the operation and Kosovo

Three people have been arrested Wednesday in a Kosovo Police operation against cyber crime, carried out in co-ordination with EUROOPOL. According to the joint communiqué of the Kosovo Police and Special Prosecutor, the Kosovo operation was conducted on March 3rd by investigators from the Directorate for Cyber Crimes Investigation in the Kosovo Police, under the leadership of [...]
By communique The joint Kosovo Police and Special Prosecutor, the Kosovo operation, was conducted on March 3rd by investigators from the Directorate for Investigation of Cyber Crimes in the Kosovo Police, under the leadership of the Special Prosecutor of the Republic of Kosovo, at three locations: Duration, Obilic and Ferizaj.
At the order of the Special Prosecutor has been detained for 48 hours persons: “A.R., A.K. and R.H., under suspicion of committing unauthorized criminal acts into computer system and “ID and credentials loss”.
Suspects Acting on False Names
As RK reports, suspects during the 20232025 period using their technological knowledge and acting under nicknames and false names have provided ways Illegal Personal, financial and credentials data. This data is then published on the online platform “LAKBASE. IO”, with the aim of selling and profiting materially, and enabling unauthorized persons to use them for criminal purposes.
Photo: PK
In the quality of material evidence, 3 laptop computers; 5 computer cottages; 6 mobile phones; 2 memory devices.
The action is part of an international police operation (OP LEAK), which has been conducted simultaneously and co-ordinated in: US, Great Britain, Australia, Germany, Kosovo, Romania, Poland, Portugal, Canada, Malaysia, Greece, Spain, the Netherlands and Belgium.
The action has already announced EUROOPOL on the official page.
What is “Leacbase”, and how did it work?
The forum, known as LeakBase, served as a central center in the cybercrime ecosystem, specialising for the trade and flow of databases and so-called burglar <x0log” archives of credentials stolen through the malware that served as information thief. Accessable online and operating in English, the platform combined elements of a discussion forum, enabling cybercriminals to buy, sell and exchange compromised data.
Photo: EUROOPOL
“This operation proves that no corner of the Internet is out of the reach of international law enforcement. What started as a dark forum for stolen data has now been dismantled and those who believed they could hide behind anonymity are being identified and held responsible. This is a clear message for cybercriminals everywhere: If you trafficking the stolen information of others, law enforcement will find you and lead you to justice”, has said Edwardas dealt with leaders of the European Cybercrime Centre in EUROOPOL.
Russia-related data was not published
LeakBase, who had been active since 2021, kept a large and up-to-date archive with the established database, ranging from historical flows to recently compromised data. The forum featured large volumes of pair of credentials including email combinations and passwords, as well as other credentials to facilitate the theft of accounts, fraud and cyber interventions.
One of the key domestic rules of the forum was Stop of sale or publication of any donation associated with Russia.
By December 2025, LeakBase numbered more than 142,000 registered users, approximately 32,000 posts and over 215 thousand private messages, proving the global scale and extent.












