Chucky

Chucky is an underground cybercrime actor associated with the LeakBase forum and also known by the aliases Chuckies and Sqlrip. Reporting links Chucky to operating or being associated with LeakBase, a clearnet cybercrime forum active since 2021 that sold hacked databases, stolen credentials, financial information, and stealer logs. LeakBase had over 142,000 members and more than 215,000 messages by December 2025 before being dismantled in the March 3–4, 2026 international law enforcement action codenamed Operation Leak. Authorities stated the forum’s data, including user accounts, posts, private messages, credit details, and IP logs, were seized for evidentiary purposes. Chucky has been reported as having a track record of sharing large collections of databases containing sensitive information from global entities. In March 2023, a user named Chucky posted a LeakBase thread titled "Json No Pass Cloud Instagram Leak 17M Lines." That dataset was later assessed to be the same Instagram 17 million-record dataset re-advertised by Solonik in 2026, with matching JSON structure, field ordering, and sample values, indicating the data had circulated unchanged since at least 2023. Reporting also notes possible linkage between the aliases Chucky, Chucky_lucky, and Solonik based on overlap in timing, datasets, platforms, and Telegram channels, but this linkage was not conclusively proven. Known associated LeakBase administrators and moderators included BloodyMery, OrderCheck, and TSR. LeakBase reportedly prohibited the sale or publication of Russian databases. No high-confidence nation-state attribution is provided in the source material.