Movatterモバイル変換

[0]ホーム
URL:

Jump to content
WikipediaThe Free Encyclopedia
Search

BreachForums

From Wikipedia, the free encyclopedia
Cybercrime forum

BreachForums
Type of site
Internet forum
Available inEnglish
Predecessor(s)RaidForums
Country of originUnited States
Founder(s)Conor Brian Fitzpatrick, also known by hisscreen name "pompompurin"
URL
  • breachforums.st(offline)
  • breached26tezcofqla4adzyn22notfqwcac7gpbrleg4usehljwkgqd.onionTor network(Accessing link help)(offline)
AdvertisingYes
CommercialYes
Users336,800 at time of last shutdown[citation needed]
LaunchedMarch 4, 2022; 3 years ago (2022-03-04)
Current statusOffline

BreachForums, sometimes referred to asBreached, is an English-languageblack hat–hackingcrime forum. The website acted as an alternative and successor toRaidForums following its shutdown and seizure in 2022.[1] Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributeddata breaches,pornography, hacking tools, and various other services.

On March 21, 2023, BreachForums was shut down following the arrest of the forum's owner, Conor Brian Fitzpatrick.[2] The forum was later reopened under the ownership of the hacking groupShinyHunters and previous BreachForums administrator "Baphomet". Fitzpatrick was later sentenced to 20 years supervised release. The site was again shut down and the domain seized on May 15, 2024, though the domain was back under the owner's control just hours later.

BreachForums, along with other dark web forums, usesDDoS-Guard for its web hosting services.[3] DDoS Guard has been criticized for hosting sites associated with illicit activities, and for its lack of action with abuse reports.[4]

History

[edit]

The forum was owned by and founded in March 2022 by then-19-year-old Conor Brian Fitzpatrick, known on the forum under hisscreen name "pompompurin".[5] Fitzpatrick's identity had been based on the Japanese characterPompompurin bySanrio. Fitzpatrick had, a year earlier, claimed responsibility for the2021 FBI email hack.[6] Following his arrest ownership of the forum transferred to hackerShiny Hunters, who announced their retirement in 2024. In 2024,IntelBroker became the new owner of the forum, which had stagnated under its previous administration due to a lack of leadership involvement.[7] In 2025, Intelbroker announced he was stepping down as the forum's admin, transferring ownership to "Anastasia".

Controversies

[edit]

On December 10, 2022, a member of the forum identified by the screen name "USDoD" posted a thread offering the sale of adatabase containing the information of over 80,000 members of theFBI non-profit organization and information portalInfraGard. The individual claimed to have obtained access to the portal through asocial engineering attack in which they pretended to be the CEO of an unknown U.S. financial corporation.[8]

On March 6, 2024, a user known asIntelBroker posted that he was selling data originating from the breach ofDC Health Link, a Washington D.C.health insurance marketplace. Soon after on March 9, 2023, another member identifying under the screen name "Denfur" posted a thread containing 200 entries, claiming that more information was to come. The D.C. Health Benefit Exchange Authority later stated that more than 56,000 customers had been impacted by the breach, but original posts relating to the data claim to have the information of over 170,000 customers.[9][10]

On July 23, 2024, the entire database of the original BreachForums was leaked online by a threat actor. The site's founder, Fitzpatrick, allegedly attempted to sell the data after being indicted and while released on bail.[11]

Arrest and shutdowns

[edit]

On March 15, 2023, in Peekskill, New York,[12] Fitzpatrick was arrested by law enforcement and charged with conspiracy to commit access device fraud in federal court.[5][13] Following Fitzpatrick's arrest, another forum administrator under the screen name "Baphomet" took ownership of the website and its infrastructure. However, following Baphomet's suspicion of the forum being compromised, on March 21, 2023, it was shut down.[14] Baphomet later reopened the forum with black-hat hacking group ShinyHunters.[15]

Approximately a month after his arrest, Fitzpatrick attempted to commitsuicide in his home while released onbail.[16] He later pleaded guilty to conspiracy to commit access device fraud, access device fraud, and possession of child pornography.[17][18] In January 2024, Fitzpatrick was detained after violating his bail conditions which forbade the use of a VPN.[19] Despite federal prosecutors requesting that Fitzpatrick serve over 15 years in prison, he was sentenced to time-served followed by 20 years of supervised release.[20] The United States has since filed an appeal of his sentence.[citation needed]

First domain seizure

[edit]
FBI seizure banner on June 23, 2023

On June 23, 2023, three months after shutting down, theclearnet domains for BreachForums were seized by the Federal Bureau of Investigation, U.S. Department of Health and Human Services, Office of Inspector General, and the Department of Justice in accordance with aseizure warrant issued by theU.S. District Court for Eastern Virginia.

Second domain seizure

[edit]
FBI seizure banner on May 15, 2024

On May 15, 2024, the FBI seized the most recent BreachForums clearnet site along with its onion site and the associatedTelegram. The seizure followed a significant data leak involving Europol's portal. The forum briefly displayed an FBI seizure notice, highlighting cooperation with international partners. The FBI is examining the forum's backend data, which may lead to identifying members and advancing investigations. The forum administrator, Baphomet, was arrested according to ShinyHunters.[21] The site came back online on May 29, 2024.[22]

2025 suspected MyBB 0-day infiltration

[edit]

On 28 April 2025 BreachForums administrators published a PGP-signed statement on the forum’s landing page stating that they had taken the site offline earlier in the month after “trusted contacts” confirmed that law-enforcement agencies had exploited an undisclosed zero-day vulnerability in the MyBB forum software to gain covert access.[23][24][25] The administrators said that an incident-response review found no evidence of data compromise but that the forum would remain offline while its back-end is rewritten. They also warned that recently launched “BreachForums” clones were “likely honeypots” and reiterated that no staff members had been arrested.[23][24]


See also

[edit]

References

[edit]
  1. ^"Justice Department Announces Arrest of the Founder of One of the World's Largest Hacker Forums and Disruption of Forum's Operation".United States Department of Justice. Archived fromthe original on March 28, 2023. RetrievedMarch 28, 2023.
  2. ^"BreachForums down, and will not be back". DataBreaches.net. June 14, 2023 [March 21, 2023]. Archived fromthe original on June 18, 2023. RetrievedJune 18, 2023.
  3. ^"Developing: BreachForums down, ShinyHunters' and forum Telegram channels deleted? – DataBreaches.Net". June 10, 2024. RetrievedSeptember 18, 2024.
  4. ^Kolomychenko, Maria (January 29, 2021). Igumenov, Valery (ed.)."'Remove this infection from your network': The small Russian company that 'saved' Parler has other, far more odious clients".Meduza. Translated by Kevin Rothrock. RetrievedFebruary 9, 2021.
  5. ^abLakshmanan, Ravie."20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison".The Hacker News. Archived fromthe original on April 2, 2023. RetrievedApril 2, 2023.
  6. ^Podkul, Cezary (January 25, 2022)."Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected".ProPublica.Archived from the original on June 1, 2023. RetrievedApril 2, 2023.
  7. ^Melillo, Pietro (August 22, 2024)."IntelBroker Takes Control of BreachForums: A New Chapter in Cybercrime Management".RedHotCyber. RetrievedAugust 29, 2024.
  8. ^Krebs, Brian."FBI's Vetted Info Sharing Network 'InfraGard' Hacked".KrebsOnSecurity.KrebsOnSecurity. Archived fromthe original on April 2, 2023. RetrievedApril 2, 2023.
  9. ^Vicens, AJ."Hacker tied to D.C. Health Link breach says attack 'born out of Russian patriotism'". CyberScoop.Archived from the original on May 8, 2023. RetrievedApril 2, 2023.
  10. ^Bajak, Frank."Congress members warned of significant health data breach".AP News.Associated Press.Archived from the original on April 7, 2023. RetrievedApril 2, 2023.
  11. ^"BreachForums v1 hacking forum data leak exposes members' info".BleepingComputer. RetrievedJuly 25, 2024.
  12. ^"FBI arrests alleged cybercriminal in Peekskill". March 19, 2023.
  13. ^"United States v. Fitzpatrick"(PDF).Courtlistener.United States District Court for the Eastern District of Virginia. p. 29.Archived(PDF) from the original on April 12, 2023. RetrievedApril 2, 2023.
  14. ^Arntz, Pieter."BreachForums to be shut down after all for fear of law enforcement infiltration".Malwarebytes.Archived from the original on May 13, 2023. RetrievedApril 2, 2023.
  15. ^"BreachForums - Official FBI Seizure Notice". November 20, 2024. RetrievedNovember 20, 2024.
  16. ^Clarkin, Regina (April 28, 2023)."Accused Peekskill Cybercriminal Hospitalized Wednesday".Peekskill Herald.Archived from the original on March 18, 2024. RetrievedOctober 28, 2023.
  17. ^"Owner of BreachForums pleads guilty in federal court to three counts, including one involving child pornography". July 14, 2023.Archived from the original on January 20, 2024. RetrievedOctober 28, 2023.
  18. ^"Founder of One of the World's Largest Hacker Foums Arrested in Peekskill: 20 Year Old Admits to Cyber Crimes and Possessing Child Porn, Faces 40 Years". August 21, 2023.
  19. ^Jones, Connor."BreachForums admin jailed for flouting pretrial rules".The Register.Archived from the original on March 7, 2024. RetrievedFebruary 16, 2024.
  20. ^"BreachForums hacking forum admin sentenced to 20 years supervised release".BleepingComputer.Archived from the original on March 17, 2024. RetrievedFebruary 16, 2024.
  21. ^"FBI seize BreachForums hacking forum used to leak stolen data".bleepingcomputer.com.Archived from the original on May 15, 2024. RetrievedMay 15, 2024.
  22. ^"Leak Site BreachForums Springs Back to Life Weeks After FBI Takedown".www.darkreading.com. RetrievedJune 25, 2024.
  23. ^ab"BreachForums Displays Message About Shutdown, Cites MyBB 0-Day Flaw".HackRead. April 28, 2025. RetrievedApril 28, 2025.
  24. ^ab"BreachForums Reveals Law Enforcement Crackdown Exploiting MyBB 0-Day Vulnerability".Cyber Security News. April 28, 2025. RetrievedApril 28, 2025.
  25. ^"BreachForums compromised in zero-day attack on "unpatched" software, new admin says".Cybernews. April 28, 2025. RetrievedApril 28, 2025.
Retrieved from "https://en.wikipedia.org/w/index.php?title=BreachForums&oldid=1287842508"
Categories:
Hidden categories:
[8]ページ先頭
©2009-2025 Movatter.jp