BreachForums
Screenshot
BreachForums homepage (March 19, 2023)
Type of site
Internet forum
Available inEnglish
Predecessor(s)RaidForums
Country of originUnited States
Founder(s)Conor Brian Fitzpatrick, also known by his screen name "pompompurin"
URL
AdvertisingYes
CommercialYes
RegistrationOptional
Users336,800 at time of shutdown
LaunchedMarch 4, 2022 (2022-03-04)
Current statusOnline

BreachForums is an English-language black hat hacking crime forum. The website acts as an alternative and successor to RaidForums following its shutdown and seizure in 2022.[1][2] Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributed data breaches, pornography, hacking tools and various other services.

On March 21, 2023, BreachForums was shutdown following the arrest of the forum's owner, Conor Brian Fitzpatrick.[3] The forum was later reopened under the ownership of the hacking group ShinyHunters and previous BreachForums administrator "Baphomet".

History

The forum was founded and owned in March 2022 by then-19 year old Conor Brian Fitzpatrick, known on the forum under the screen name "pompompurin".[4] Fitzpatrick's identity on the internet had been based on the Japanese character by Sanrio of the same name. Fitzpatrick had, a year earlier, claimed responsibility for the 2021 FBI email hack.[5]

Controversy

On December 10, 2022, a member of the forum identified by the screen name "USDoD" posted a thread offering the sale of a database containing the information of over 80,000 members of the FBI non-profit organization and information portal InfraGard. The individual claimed to have obtained access to the portal through a social engineering attack in which they pretended to be the CEO of an unknown U.S. financial corporation.[6]

On March 9, 2023, another member identifying under the screen name "Denfur" posted a thread containing 200 entries originating from a breach of the District of Columbia health insurance marketplace DC Health Link, claiming that more information was to come. The D.C. Health Benefit Exchange Authority later stated that more than 56,000 customers had been impacted by the breach, but original posts relating to the data claim to have the information of over 170,000 customers.[7][8]

Arrest and shutdown

On March 15, 2023, Fitzpatrick was arrested by law enforcement and charged with conspiracy to commit access device fraud.[4][9] Following Fitzpatrick's arrest, another forum administrator under the screen name "Baphomet" took ownership of the website and its infrastructure. However, following Baphomet's suspicion of the forum being compromised, on March 21, 2023, it was shut down.[10] Baphomet later reopened the forum with black-hat hacking group ShinyHunters.

Approximately a month after his arrest, Fitzpatrick attempted to commit suicide in his home while released on bail.[11] He has since pleaded guilty to conspiracy to commit access device fraud, access device fraud, and possession of child pornography. His sentencing is scheduled for January 2024.[12]

Domain seizure

On June 23, 2023, three months after shutting down, the clearnet domains for BreachForums were seized by the Federal Bureau of Investigation, U.S. Department of Health and Human Services, Office of Inspector General, and the Department of Justice in accordance with a seizure warrant issued by the U.S. District Court for Eastern Virginia.[13][14]

See also

References

  1. "Welcome & FAQ Thread | BreachForums". BreachForums. March 16, 2022. Archived from the original on December 18, 2022. Retrieved March 28, 2023.
  2. "Justice Department Announces Arrest of the Founder of One of the World's Largest Hacker Forums and Disruption of Forum's Operation". United States Department of Justice. Archived from the original on March 28, 2023. Retrieved March 28, 2023.
  3. "BreachForums down, and will not be back". DataBreaches.net. June 14, 2023 [March 21, 2023]. Archived from the original on June 18, 2023. Retrieved June 18, 2023.
  4. 1 2 Lakshmanan, Ravie. "20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison". The Hacker News. Archived from the original on April 2, 2023. Retrieved April 2, 2023.
  5. Podkul, Cezary. "Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected". ProPublica. Retrieved April 2, 2023.
  6. Krebs, Brian. "FBI's Vetted Info Sharing Network 'InfraGard' Hacked". KrebsOnSecurity. KrebsOnSecurity. Archived from the original on April 2, 2023. Retrieved April 2, 2023.
  7. Vicens, AJ. "Hacker tied to D.C. Health Link breach says attack 'born out of Russian patriotism'". CyberScoop. Retrieved April 2, 2023.
  8. Bajak, Frank. "Congress members warned of significant health data breach". AP News. Associated Press. Retrieved April 2, 2023.
  9. "United States v. Fitzpatrick" (PDF). Courtlistener. United States District Court for the Eastern District of Virginia. p. 29. Retrieved April 2, 2023.
  10. Arntz, Pieter. "BreachForums to be shut down after all for fear of law enforcement infiltration". Malwarebytes. Retrieved April 2, 2023.
  11. Clarkin, Regina (April 28, 2023). "Accused Peekskill Cybercriminal Hospitalized Wednesday". Peekskill Herald. Retrieved October 28, 2023.
  12. "Owner of BreachForums pleads guilty in federal court to three counts, including one involving child pornography". July 14, 2023. Retrieved October 28, 2023.
  13. "Domain Seized by Law Enforcement". breached.vc. Archived from the original on June 24, 2023. Retrieved June 25, 2023.
  14. "Domain Seized by Law Enforcement". breached.to. Archived from the original on June 23, 2023. Retrieved June 25, 2023.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.