
Malware

FBI Shuts Down BreachForums: A Notorious Hacking Platform for Leaking Stolen Data

The FBI has seized BreachForums, a popular hacking forum used to leak stolen data. The marketplace had over 12,000 members and frequently shared breached databases, taking advantage of victims’ personal information. The crackdown highlights the US government’s continued efforts to dismantle cybercriminal networks and protect user privacy.


Not too long ago, the FBI seized the infamous BreachForums hacking forum, notorious for leaking and selling stolen corporate data to other cybercriminals.

This seizure happened shortly after the site was used to leak data stolen from a Europol law enforcement portal. Now, the website displays a message stating that the FBI has taken control of it and its backend data, indicating that law enforcement seized both the site’s servers and domains.

“This website has been taken down by the FBI and DOJ with assistance from international partners,” reads the seizure message.

And it continues, “We are reviewing this site’s backend data. If you have information to report about cyber criminal activity on BreachForums, please contact us.”

The message also shows the forum profile pictures of the site’s administrators, Baphomet and ShinyHunters, overlaid with prison bars. If law enforcement has indeed gained access to the hacking forum’s backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be used in law enforcement investigations.

The FBI also seized the site’s Telegram channel and other channels owned by Baphomet, with law enforcement sending messages stating it is under their control. In a Telegram message, the threat actor known as IntelBroker claims that Baphomet was arrested in the law enforcement operation.

The FBI is asking victims and other individuals to contact them with information about the hacking forum and its members to aid in their investigation. The seizure messages include ways to contact the FBI about the seizure, such as email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3).

The notorious BreachForums

BreachForums was the successor of a string of hacking forums used to trade, sell, and leak stolen data, as well as sell access to corporate networks and other illegal cybercrime services.

The first of these sites was known as RaidForums, which initially launched in 2015 and became the largest site for distributing stolen data, commonly used by ransomware and extortion groups. The site was eventually seized by law enforcement, with the police arresting the owner known as “Omnipotent”.

Soon after, one of its more active members, Pompompurin, created a new forum called ‘Breached’ to fill the void left behind by RaidForums. The site quickly grew in popularity and was used by thousands of members to brag about their cybercrime activities and to leak and sell stolen data. However, the site drew law enforcement’s attention after one of its members, IntelBroker, leaked the stolen data of D.C. Health Link, a healthcare provider for U.S. House members, their staff, and their families.

Not too long after, Breached was seized by law enforcement, and its admin, Conor Fitzpatrick (aka Pompompurin), was arrested. Once again, those in this cybercrime community were left without a home, so one of Breached’s previous admins, known as Baphomet, teamed with ShinyHunters, a notorious seller of stolen data, to launch a new site named BreachForums.

Like the other sites, BreachForums quickly became popular with stolen corporate data being leaked from new breaches, including those on AT&T, 23andMe, Hewlett Packard Enterprise, Home Depot, Dell, PandaBuy, and The Post Millennial.

Today’s seizure message indicates that law enforcement has had access to the site’s servers, potentially for a long time, as they monitored threat actors’ activities. However, the breach that went too far may have been the recent leak of data stolen from Europol’s Platform for Experts (EPE) portal by a threat actor known as IntelBroker, forcing law enforcement to take action.

What you can do

As the world of cybersecurity continues to evolve, it’s crucial to stay informed and vigilant. By understanding the risks and staying up-to-date with the latest news and developments, you can better protect yourself and your organization from cyber threats.

We encourage you to reach out to us for more information on cybersecurity and to keep coming back to learn more about the latest trends and threats in the digital world.



Shattering the Silence: The Nissan North America Data Breach Affecting 53,000+ Employees



Imagine this: You’re driving down a peaceful country road, the sun is setting, and your favorite tunes are playing. Suddenly, you hit a pothole, and your car starts to shake uncontrollably. You pull over, feeling a mix of frustration and worry. That’s precisely how 53,000+ Nissan North America employees must have felt when they found out their sensitive data was compromised in a massive cybersecurity breach.



Breaking Down the Breach: What Happened to Nissan?



In a world where data breaches are becoming increasingly common, it’s essential to understand the magnitude of these incidents. The Nissan North America data breach is a prime example of how even well-established companies can fall victim to cyberattacks. The attack affected current and former employees, exposing sensitive data, including names, Social Security numbers, birth dates, and more. This information could easily be used by cybercriminals to commit identity theft or other fraudulent activities.



So, what does this mean for you, the everyday person who may not work for Nissan but still has sensitive information online? It means that no one is safe from cyber threats, and we all need to be prepared for the worst.



How to Protect Yourself and Your Data



Now that you know the reality of the situation, let’s discuss some practical steps you can take to protect yourself and your data from cyberattacks:




  1. Stay informed: Knowledge is power, and staying up-to-date on the latest cybersecurity threats and best practices is crucial to keeping your data safe.

  2. Use strong passwords: A simple but often overlooked step is to create complex, unique passwords for each of your online accounts. This makes it more challenging for hackers to gain access.

  3. Enable two-factor authentication (2FA): By requiring an additional verification step, such as a fingerprint or a text message code, you’ll add an extra layer of security to your accounts.

  4. Be cautious with public Wi-Fi: Public Wi-Fi networks can be a breeding ground for cybercriminals. Avoid using them when accessing sensitive data or conducting financial transactions.

  5. Keep software up-to-date: Regularly updating your device’s software can help protect against known vulnerabilities that hackers may exploit.



Join the Fight: Let’s Combat Cybersecurity Threats Together



As a cybersecurity expert, my mission is to help you navigate the complex world of online threats and protect your sensitive information. But I can’t do it alone – we must all take responsibility for our digital safety and work together to combat these ever-evolving cybersecurity threats.



So, are you ready to join the fight and safeguard your data? Contact us today to learn more about how you can protect yourself and your loved ones from cyberattacks. And remember, knowledge is power – so keep coming back for the latest updates, tips, and insights on all things cybersecurity.



Don’t Let Your Guard Down: Santander’s Data Breach and What It Means for You



Have you ever had that sinking feeling when you realize you left your wallet at a restaurant or your phone in a taxi? It’s that gut-wrenching moment of panic, wondering if you’ll ever see your precious belongings again, or worse, if someone else is now enjoying them. That’s how thousands of Banco Santander customers must have felt when they found out that their sensitive personal information had been exposed due to a data breach.



What Happened at Banco Santander?



Let me paint you a picture: It’s a typical day at the bank, and then – BAM! – cybercriminals break in and snatch up customer data like a thief in the night. Here’s the twist: these criminals didn’t need a getaway car or a ski mask. All they needed was a computer and an internet connection.



Banco Santander, one of the largest banks in the world, recently revealed that it had suffered a significant data breach, exposing the personal information of over 11,000 customers. The stolen data included names, addresses, bank account numbers, and even Social Security numbers. We’re talking the whole shebang, folks.



Why Should You Care?



Now you might be thinking, “I’m not a Banco Santander customer, so why should I care?” Well, my friend, the answer is simple: cybercrime is a global epidemic. If it can happen to a banking giant like Santander, it can happen to any company or institution that deals with sensitive information. And let’s face it: in today’s digital world, that’s pretty much everyone.



According to a 2019 report by NortonLifeLock, 33 billion records were exposed in data breaches during the first half of the year alone. That’s right – I said billion with a “b.” And here’s another sobering statistic: the 2019 Official Annual Cybercrime Report predicts that a business will fall victim to a ransomware attack every 11 seconds by 2021.



What Can You Do to Protect Yourself?



Feeling a little uneasy? Don’t worry; I’ve got your back. There are a few simple steps you can take to safeguard your personal information and reduce your risk of becoming a cybercrime statistic:




  • Be vigilant with your passwords: Use unique, complex passwords for every account, and change them regularly. Consider using a password manager to help you keep track of them all.

  • Stay on top of software updates: Outdated software is like an open invitation to cybercriminals. Keep your operating system, web browser, and antivirus software up to date.

  • Be cautious with public Wi-Fi: Avoid using public Wi-Fi networks for sensitive activities like online banking, and use a VPN to protect your data.

  • Watch out for phishing scams: If an email or text message seems too good to be true, it probably is. Be wary of clicking on unfamiliar links or downloading attachments from unknown sources.



Together, We Can Fight Cybercrime



Here’s the deal: cybercrime isn’t going away anytime soon. But that doesn’t mean we’re powerless in the face of it. By staying informed and taking action to protect ourselves, we can make it harder for cybercriminals to succeed.



So let’s do this, folks! Contact us today to learn more about how you can protect yourself and your business from the growing threat of cybercrime. And don’t forget to keep coming back for the latest news, tips, and insights. Together, we can make a difference.


Fortinet Acknowledges Massive Data Breach: Hacker Boasts Theft of 440GB Files

Fortinet, a network security company, has confirmed a data breach after a hacker claimed to have stolen 440GB of files. The breach is believed to have exposed client information, including email addresses and passwords. Fortinet is investigating the incident and taking steps to mitigate the potential impact on its customers and partners.


You may have heard about the recent data breach at cybersecurity giant Fortinet, and it’s worth taking a closer look at what happened to understand the risks and implications. The company is one of the largest cybersecurity providers in the world, offering a range of products and services such as secure networking devices, network management solutions, and consulting services.

A Threat Actor Strikes

Recently, a threat actor claimed to have stolen a whopping 440GB of data from Fortinet’s Microsoft Sharepoint server. This individual, going by the name “Fortibitch,” announced the theft on a hacking forum and even shared credentials to an alleged storage bucket containing the stolen data.

We have not accessed this storage bucket to verify its contents, but it’s important to note that the threat actor claimed to have attempted to extort Fortinet into paying a ransom to prevent the data from being published. Fortinet, however, refused to pay.

Fortinet’s Response

When we reached out to Fortinet about this incident, the company confirmed that customer data had indeed been stolen from a “third-party cloud-based shared file drive.” They described the breach as involving “limited data related to a small number of Fortinet customers.”

Initially, Fortinet did not disclose the number of affected customers or the nature of the compromised data, but they did state that they had “communicated directly with customers as appropriate.” In a later update on their website, Fortinet revealed that the breach affected less than 0.3% of its customer base and had not resulted in any malicious activity targeting those customers.

It’s also worth noting that Fortinet confirmed the incident did not involve data encryption, ransomware, or access to their corporate network. We have contacted Fortinet with additional questions about the breach, but have not received a reply at this time.

Not the First Time

This isn’t the first time Fortinet has been targeted by threat actors. In May 2023, an individual claimed to have breached the GitHub repositories of Panopta, a company acquired by Fortinet in 2020, and leaked stolen data on a Russian-speaking hacking forum.

A Call to Stay Informed and Vigilant

As this incident demonstrates, even the most prominent cybersecurity companies can fall victim to data breaches. That’s why it’s crucial to stay informed about the latest threats and to take steps to protect your own data and networks. We’re here to help you navigate the ever-evolving cybersecurity landscape and to provide the expertise and support you need to safeguard your digital assets.

Don’t hesitate to reach out to us to learn more about how we can help you stay ahead of the curve in cybersecurity, and be sure to keep coming back for the latest updates and insights.


Transport for London Reveals Alarming Cyberattack: Customer Data Compromised

Transport for London (TfL) has confirmed customer data was stolen in a cyber attack. TfL’s Oyster card and contactless payment systems were targeted, resulting in a partial shutdown of online services. The transport operator urges users to change their passwords and remain vigilant for potential phishing emails or fraudulent activity.


Did you know that on September 1st, the urban transportation agency, Transport for London (TfL), was hit by a cyberattack? Initially, they assured customers that there was no evidence of data being compromised. However, after further investigation, it turns out that some customer data was indeed impacted, including names, contact details, email addresses, and home addresses.

A Quick Recap of the Cyberattack

The attack was first made public on September 2nd, and since then, TfL staff has been dealing with system outages and disruptions. This includes the inability to respond to customer requests submitted via online forms, issue refunds for journeys paid with contactless methods, and more.

As we now know, the impact on customer data was not as minimal as initially thought. According to TfL’s status page, the investigation revealed that certain customer data had been accessed during the cyberattack.

Moreover, the agency discovered that the hackers may have accessed some Oyster card refund data and bank account numbers and sort codes for approximately 5,000 customers.

Worried about being affected? We can confirm that affected customers are receiving personalized notifications informing them of the data breach, so be sure to check your email to see if you’re among those impacted.

What Does This Mean for TfL Customers?

As TfL continues to work on remediation efforts, some services remain unavailable. Here’s a quick rundown of what you should be aware of as a customer:

  • Live Tube arrival info is unavailable on some digital channels, but in-station and journey planning info is still accessible.
  • Applications for new Oyster photocards, including Zip cards, are temporarily suspended. If you need to replace a lost card, call 0343 222 1234 (option 1).
  • If you can’t apply for a photocard, keep records of your fares; you might be able to get a refund once the cyber incident is resolved.
  • Contactless users can’t access their online journey history.
  • Refunds for incomplete journeys using contactless payment methods are unavailable. Remember to always touch in/out. Oyster users can manage refunds online.
  • Staff has limited system access, causing delays in online responses.

As of now, no ransomware gang has claimed responsibility for the cyberattack on TfL.

A Wake-Up Call for Better Cybersecurity

This incident serves as a reminder that we must be vigilant when it comes to cybersecurity. Businesses and individuals alike should take the necessary steps to protect their data and systems from cyber threats.

As IT services experts in cybersecurity, we’re here to help you stay informed and ensure you’re taking the right precautions to protect yourself from cyberattacks. So, don’t hesitate to reach out to us for advice or assistance. And keep coming back to learn more about how you can stay one step ahead of cyber threats.


Massive Data Breach Hits Payment Gateway: 1.7 Million Credit Card Users Impacted

A data breach at Indian payment gateway provider Juspay has exposed the personal information of 17 million credit card owners. The compromised data includes names, email addresses, and phone numbers, putting users at risk of phishing attacks. Juspay has assured customers that full card numbers, order information, and passwords remain secure.


Imagine this: you’re enjoying a lovely dinner at your favorite restaurant, and when it’s time to pay, you hand over your credit card without a second thought. What you don’t know is that a cybercriminal has been lurking in the shadows, just waiting for the opportunity to snatch your personal and credit card information. That’s exactly what happened to nearly 1.7 million individuals when payment gateway provider Slim CD suffered a data breach.

The Slim CD Data Breach: What Happened?

Slim CD is a company that provides payment processing solutions for businesses, allowing them to accept electronic and card payments through various platforms. Unfortunately, hackers were able to access Slim CD’s network for almost a year, from August 2023 to June 2024. The company first detected suspicious activity on June 15, 2024, and during their investigation, they discovered the unauthorized access had begun back in August 2023.

According to the notification sent to the impacted individuals, the threat actor had viewed or obtained access to credit card information for just two days, between June 14th and 15th, 2024. The types of data that may have been accessed include:

  • Full name
  • Physical address
  • Credit card number
  • Payment card expiration date

Is Your Credit Card Information Safe?

While the exposed information doesn’t include the card verification number (CVV), there’s still a risk of credit card fraud. Nowadays, cybercriminals have become increasingly sophisticated and may use the stolen information to piece together enough data for fraudulent transactions. It’s important to remain vigilant and monitor your credit card statements for any suspicious activity.

What Can You Do to Protect Yourself?

Slim CD has taken measures to strengthen its security to prevent future incidents like this, but it’s crucial for you to take charge of your own cybersecurity. Here are some steps you can take to stay ahead of cybercriminals:

  • Regularly monitor your credit card statements for any unauthorized transactions.
  • Report any suspicious activity to your card issuer immediately.
  • Be cautious when providing your personal and credit card information online or over the phone.
  • Consider using a credit monitoring service for added protection.

Don’t Let Cybercriminals Win: Stay Informed and Protected

As the digital landscape continues to evolve, so do the threats posed by cybercriminals. Staying informed about cybersecurity risks and taking proactive steps to protect your personal information is more important than ever before. We’re here to help you navigate the complex world of cybersecurity and ensure your personal data remains secure.

So, don’t let cybercriminals get the upper hand. Keep coming back to learn more about the latest threats and how you can stay protected in the digital age. Together, we’ll make sure that your personal information stays safe and out of the hands of cybercriminals.
