Sunday, May 19, 2024

FBI seize BreachForums hacking forum used to leak stolen data

BreachForums seizure banner

The FBI has seized the infamous BreachForums hacking forum that leaked and sold stolen corporate data to other cybercriminals.

The seizure occurred on Wednesday morning, shortly after the site was used last week to leak data stolen from a Europol law enforcement portal.

The website is now displaying a message stating that the FBI has taken control over it and the backend data, indicating that law enforcement seized both the site’s servers and domains.

“This website has been taken down by the FBI and DOJ with assistance from international partners,” reads the seizure message.

“We are reviewing this site’s backend data. If you have information to report about cyber criminal activity on BreachForums, please contact us,” continues the seizure banner.

The seizure message also shows the two forum profile pictures of the site’s administrators, Baphomet and ShinyHunters, overlaid with prison bars.

If law enforcement has gained access to the hacking forum’s backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be used in law enforcement investigations.

The FBI has also seized the site’s Telegram channel, with law enforcement sending messages stating it is under their control.

One of the messages posted to the seized Telegram channel by law enforcement came directly from Baphomet’s account, presumably indicating that the threat actor was arrested and his devices are now in the hands of law enforcement.

Seized BreachForums Telegram channel
Source: BleepingComputer

The FBI is requesting that victims and individuals contact them with information about the hacking forum and its members to aid in their investigation.

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3).

“The Federal Bureau of Investigation (FBI) is investigating the criminal hacking forums known as BreachForums and Raidforums,” reads a dedicated subdomain on the FBI’s IC3 portal.

“From June 2023 until May 2024, BreachForums (hosted at and run by ShinyHunters) was operating as a clear-net marketplace for cybercriminals to buy, sell, and trade contraband, including stolen access devices, means of identification, hacking tools, breached databases, and other illegal services.”

“Previously, a separate version of BreachForums (hosted at and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. Raidforums (hosted at and run by Omnipotent) was the predecessor hacking forum to both versions of BreachForums and ran from early 2015 until February 2022.”

This IC3 subdomain hosts a form that victims and other individuals can use to share information about BreachForums and its members.

BleepingComputer contacted the FBI and Department of Justice with further questions, but no response was immediately available.

The infamous BreachForums

BreachForums was the successor to a string of hacking forums used to trade, sell, and leak stolen data, as well as sell access to corporate networks and other illegal cybercrime services.

The first of these sites was known as RaidForums, which initially launched in 2015 and became the largest site for distributing stolen data, and was commonly used by ransomware and extortion groups.

The site was eventually seized by law enforcement, with the police arresting the owner known as “Omnipotent”.

Soon after, one of its more active members, Pompompurin, created a new forum called ‘Breached’ to fill the void left behind by RaidForums.

The site quickly grew in popularity and was used by thousands of members to brag about their cybercrime activities and to leak and sell stolen data.

However, the site soon drew the ire of law enforcement after one of its members, IntelBroker, leaked the stolen data of D.C. Health Link, a healthcare provider for U.S. House members, their staff, and their families.

Soon after, Breached was seized by law enforcement, and its admin, Conor Fitzpatrick (aka Pompompurin), was arrested.

Once again, those in this cybercrime community were left without a home, so one of Breached’s previous admins, known as Baphomet, teamed with ShinyHunters, a notorious seller of stolen data, to launch a new site named BreachForums.

Like the other sites, BreachForums quickly became popular, with stolen corporate data being leaked from new breaches, including those on AT&T, 23andMe, Hewlett Packard Enterprise, Home Depot, Dell, PandaBuy, and The Post Millennial.

Today’s seizure message indicates that law enforcement has had access to the site’s servers, potentially for a long time, as they monitored threat actors’ activities.

However, the breach that went too far may have been the recent leak of data stolen from Europol’s Platform for Experts (EPE) portal by a threat actor known as IntelBroker, forcing law enforcement to take action.


