The Federal Bureau of Investigation (FBI), along with the U.S. Department of Justice (DOJ) and several international law enforcement agencies, has successfully taken control of BreachForums, a notorious hacking forum implicated in a wide range of cybercriminal activities.
This major operation marks a significant crackdown on digital crime platforms that facilitated the publication of stolen data and files, as well as buying, selling, and trading of various illegal digital goods.
BreachForums background
A short FBI announcement explains that BreachForums was under scrutiny by the authorities from June 2023 until its seizure in May 2024. It operated multiple domains, including breachforums.st, .cx, .is, and .vc. It was managed by an entity known as “ShinyHunters.”
Previously, the platform had been administered by pompompurin through different domains from March 2022 until March 2023. BreachForums served as a clear-net marketplace where cybercriminals exchanged stolen access devices, personal identification information, hacking tools, breached databases, and offered other unlawful services.
The forum is known to be the successor to Raidforums, another criminal platform run by an individual with the moniker Omnipotent from early 2015 until its closure in February 2022. The transition from Raidforums to BreachForums highlighted the persistent and evolving threat posed by such platforms in the cybercrime landscape.
Recent examples of data dumps sold or leaked on BreachForums concern alleged or confirmed attacks at HSBC and Barclays Banks, Le Slip Français, Giant Tiger, and Acuity.
International law enforcement action
The seizure of BreachForums involved collaborative efforts from various international partners including the New Zealand Police, U.K.'s National Crime Agency (NCA), Ukrainian National Police, and other European law enforcement bodies. However, at the time of writing, none of the police forces mentioned have issued announcements to share more details about the action.
Authorities are currently reviewing the site's backend data to trace and identify additional suspects and victims involved in illegal activities facilitated by BreachForums. The FBI has also set up a dedicated form and contact points, urging victims or individuals with relevant information to come forward to assist in further investigations.
In addition to investigative efforts, the FBI emphasizes the importance of public cooperation in tracking down cybercriminals and mitigating the impacts of their activities. Individuals who believe they have been victims of BreachForums, or who have information about its users or transactions, are encouraged to contact the FBI through designated email addresses and communication channels provided in the seizure notice.
The shutdown of BreachForums disrupts a significant node in the network of cybercrime, impacting the underground market for stolen data and hacking services. However, the persistent nature of digital crime suggests that law enforcement agencies will need to maintain vigilance and adapt continuously to new challenges as cybercriminals evolve their methods and platforms.
Despite the various disruptions, takedowns, and arrests of Raidforums/BreachForums admins over the years, there's always another cybercriminal emerging from the back ranks to take the baton and set up a clone forum site on new domains and infrastructure.
Santander Suffers Data Breach Involving Customer Information
Leave a Reply