In recent days, BreachForums, one of the most well-known dark web hacking forums on the dark web, was reported to be shut down after one of its top administrators was arrested by United States federal authorities, including the Federal Bureau of Information (FBI).
A dark web forum named BreachForums was a popular cybercrime forum. It has grown to become a significant platform for trafficking illicit content on the dark web.
A wide range of topics were discussed on the site, including issues related to breaches of personal information, hacking, phishing, exploiting, and fraud against financial institutions. Many of its users are involved in trading various types of stolen information, including databases, documents, and compromised accounts that contain email addresses, passwords, and credit card details, such as stolen addresses, passwords, and credit card numbers. Threat actors and cybercriminals used the forum as a means to communicate with each other.
On March 20, 2023, BreachForums, which had been one of the most popular forums for hacking and data leaks this year, will cease to exist. Conor Brian Fitzpatrick (also known as 'pompompurin') has been arrested for a crime relating to the website and has had the site closed down. There was a remaining administrator of the forum, Baphomet, who claimed that the servers of the forum were accessed by law enforcement, which caused him to shut it down.
It is believed that the shutdown was prompted by suspicions that law enforcement might have obtained access to the site's configurations, source code, and user information in the forum. This was to compile a report on the forum.
However, despite BreachForums being shut down and Raidforums being seized, those forums' databases are still easily accessible through top hacking forums such as XSS and Exploit, which are competing with BreachForums in popularity.
In April 2022, after the arrest of Omnipotent, the founder of BreachForums, in the UK, the FBI confiscated and closed the site for violating its terms and conditions, causing it to be seized by the FBI.
A sudden turn of events occurred on March 19, 2023, when Baphomet, the current admin of BreachForums, informed the public in an update that the hacking forum had been officially closed since it had posted its last post. However, he stressed that "it was not the end."
In addition to this, there has appeared along with Baphomet a Telegram account with the alias ShinyHunters (@shinycorp), which will be responsible for dealing with the former BreachForums users. It has already begun disseminating information and updates related to the forum's operations through its Twitter account, and it has drawn both the attention of potential members and those who are concerned about the forum's development.
The BreachForums community has been filling the void left behind by RaidForums last year in a major way, becoming a lucrative marketplace where stolen databases have been purchased and sold by a variety of organizations and companies.
There has also been a development regarding the arrest of Conor Brian Fitzpatrick (aka pompompurin) who is facing one count of conspiracy to commit fraud against access devices and has already been charged with one count of conspiracy to commit fraud against access devices.
Baphomet says neither they nor Pompompurin has access to these domains at present since neither of them has access to them.
The timing of the disinformation campaign was noted as suspicious. Baphomet posited that the disinformation campaign was meant to undermine the revived community's credibility by using disinformation.
There is no doubt that the resurrected BreachForums presents a promising opportunity to its loyal users. However, Baphomet said that it would continue to warn against a "continued campaign against the community" and a "disinformation campaign", without providing any details regarding the campaign.
On April 4th, 2023, an online hacking forum was established using a name similar to the one seized by the FBI in April 2022. It is known as RaidForums. In terms of the admins of the new forum, there has been no indication that they are affiliated with the old forum in any way. As well as forums for discussion of hacking and leaks, there is also a section dedicated to the marketplace and tutorials, alongside discussions of exchanges and the marketplace. There are currently 1,725 members on the forum since it was launched on April 9, 2023, and plans to grow in the future.
In the wake of BreacheForums' closure, cybercriminals have been faced with the challenge of finding a new replacement forum, which has impacted the cybercriminal community. Even though the emergence of online forums such as LeakBase and RAID FORUM indicates that there is still a large demand for platforms like these. These platforms include forums that trade stolen data and discuss hacking, which suggests that the market for such platforms will continue to grow.
The usage of the top hacking forums such as XSS and Exploit has already seen a sudden increase as a result of these migrations. The fact that such platforms exist on the deep and dark web, as well as the fact that they can be monitored to provide the cybersecurity community with an accurate picture of evolving threats and sources, shows yet again why monitoring the dark web in general and dark web platforms, in particular, is so important.
