FBI takes control of notorious BreachForums cybercrime website
Domains have since been recovered
BreachForums, one of the most popular clearnet forums for sharing stolen data, malware, and other warez, is thought to have been shut down by the Federal Bureau of Investigation (FBI), with its backend seized and one of its key operators allegedly arrested.
As reported by BleepingComputer, clearnet (publicly accessible internet) domains belonging to BreachForums were, as of Wednesday evening, displaying the usual message from the FBI, stating the website was now under the control of law enforcement.
“This website has been taken down by the FBI and the DOJ with assistance from international partners,” the message reads. “We are reviewing this site’s backend data. If you have information to report about cyber criminal activity on BreachForums, please contact us,” the message concludes.
Baphomet arrested
The new landing page also showed Telegram profile pictures of two operators, Baphomet and ShinyHunters, overlaid with prison bars, suggesting they had been arrested. The FBI has also taken control of Baphomet’s Telegram account, as it was used to display the same message seen on BreachForums’ homepage.
At press time, however, the domains seem to have been recovered, as they now redirect to a new Telegram channel, called Jacuzzi 2.0. There, the operators confirmed regaining control over the domains, but also confirmed Baphomet’s arrest.
“Hello everyone, we regret to inform you that administrator Baphomet (our 'space cowboy'), has been arrested, leading to the seizure of pretty much all of our infrastructure by the FBI,” the pinned message reads.
“At this point, the future of our forum remains uncertain. No members of ShinyHunters have been arrested. We are currently waiting for further confirmations from our staff, and we will keep you updated with any new announcements in this channel.”
BreachForums was the successor to RaidForums, which was set up in 2015, and operated until dismantled by the FBI two years ago after becoming a prominent forum for sharing stolen data.
From its ashes rose Breached, a similar forum run by Conor Brian Fitzpatrick, alias Pompompurin. This, too, was seized by law enforcement along with its administrator.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.