FBI Seizes BreachForums Website

The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data.

If law enforcement has gained access to the hacking forum’s backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be used in law enforcement investigations.

[…]

The FBI is requesting victims and individuals contact them with information about the hacking forum and its members to aid in their investigation.

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3).

“The Federal Bureau of Investigation (FBI) is investigating the criminal hacking forums known as BreachForums and Raidforums,” reads a dedicated subdomain on the FBI’s IC3 portal.

“From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc and run by ShinyHunters) was operating as a clear-net marketplace for cybercriminals to buy, sell, and trade contraband, including stolen access devices, means of identification, hacking tools, breached databases, and other illegal services.”

“Previously, a separate version of BreachForums (hosted at breached.vc/.to/.co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. Raidforums (hosted at raidforums.com and run by Omnipotent) was the predecessor hacking forum to both version of BreachForums and ran from early 2015 until February 2022.”

Tags: data breaches, FBI, leaks, ransomware

Posted on May 17, 2024 at 7:09 AM • 7 Comments

Comments

Morley • May 17, 2024 9:28 AM

I wonder how registrars stay accredited.

A breach of your safety • May 17, 2024 11:06 AM

@Morely

“I wonder how registrars stay accredited.”

By making a sale with no before or after sales verification.

Unlike Banks etc there is still for most businesses no ‘Know Your Customer’ requirement.

Something all of us should be grateful for.

Many Governments are trying to force everyone into electronic transactions and accounts, so ordinary people do not have privacy from them.

Plastic tokens like cards and the like have ‘no stored value’ and do not work if the power or communications grids go down, which they do more and more frequently these days. So you could have a half dozen or more cards in an expensive wallet in your expensive suit and be totally penniless.

Worse if you think about it accounts can be closed and funds taken by a Government any time they like (the US Gov does it to people all the time all over the world). And there is absolutely nothing the account holder can do to get the value back.

Cash in your pocket however at least has ‘stored value’ that works even if the power and communications grids are down and a despotic government wants to ruin you for no better reason than they can because some petty civil servant types your name in on some secret list.

Remember that woman who went abroad from Britain to visit relatives and whilst she was out her husband put her on the no fly list?

https://www.aclumaine.org/en/news/immigration-agent-puts-wife-no-fly-list

It was three years or more she was on it and stranded abroad.

Well now think about the same thing but with your finances. That is what many governments want.

India under it’s current leader pulled a similar stunt but aimed at people of a different political opinions / religious background. Though painted as a way to stop “tax evasion” it became clear that it was actually part of the ‘aadhaar scheme’ agenda. To force a very sizable part of the population into a giant surveillance database. Designed to force hundreds of millions of ‘safely anonymous’ Indians to be ‘centrally registered’ and given a unique ID where the ‘authorities’ could then track them (a variation of what China has done).

noname • May 17, 2024 11:07 AM

Jeez, BreachForums had 336,800 users at the time of its last shutdown?

(not entirely sure which shutdown this refers to)

https://en.m.wikipedia.org/wiki/BreachForums

Wannabe Techguy • May 17, 2024 2:00 PM

@ A breach of your safety

Are you saying you don’t trust government?! What? Are you paranoid? Tin Foil hat?

Oh sorry. I got carried away. Carry on.

spoils • May 17, 2024 5:41 PM

I wonder what happens with the stolen info.

Andrew • May 17, 2024 11:16 PM

@spoils great question!