Breached: Data theft forum closed due to police investigation

After the FBI arrested the suspected owner of the Breached forum, police infiltration was suspected. The administrator is shutting the forum down.

By Frank Schräer

The underground forum "Breached", which is mainly frequented by cyber criminals and security experts, has been shut down by the remaining administrator. The operator of this large data theft forum had previously been arrested by the FBI. The second administrator then suspected that the authorities were able to gain access to the arrested man's devices and thus access to the Breached forum. It was therefore no longer safe to participate, and the forum has now been taken offline.

Last week, according to media reports, US federal officials arrested the suspected operator of the data theft forum, known by the nickname "Pompompurin". The underground forum allegedly owned and administered by Pompompurin hosted copied databases of around 1,000 companies and websites, which often contained sensitive data such as names, email addresses and passwords. Cyber criminals offer the databases, which can be used for fraud, for sale on the forum.

The Breached forum is considered the successor to RaidForums. The operators of RaidForums were arrested about a year ago in a concerted Europol operation and charged by the FBI, and the forum was shut down with the confiscation of servers and internet domains. The Breached forum was still accessible, but now, according to BleepingComputer, the administrator "Baphomet", who remained after Pompompurin's arrest, has also shut it down.

According to the report, Baphomet originally wanted to transfer the forum to a new infrastructure after Pompompurin's arrest to protect it from possible access by the investigating authorities and thus protect the identities of the participants. However, this plan has now been abandoned after it emerged that the officials were apparently able to gain access to Pompompurin's devices.

During the migration of the Breached forum, Baphomet says they discovered that someone had logged into one of the servers before Baphomet was able to log in. However, access to the servers had not been shared with anyone else. Baphomet therefore concluded that someone had taken possession of Pompompurin's devices and used them to gain access. This meant that nothing on the Breached forum was secure: not the configuration, not the source code, and not the user information. The forum has therefore been closed.

In its message, Baphomet refers to Breached's Telegram channel, where discussions can continue. Telegram is a popular alternative for cyber criminals, as new channels can be created quickly, while others are closed just as quickly. Some actors become celebrities on Telegram because they leak data, offer stolen accounts and report on their cyberattacks.

(fds)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.