Police arrest BreachForums owner on cybercrime charges

Representational image of a hacker
(Image credit: Shutterstock)

The alleged owner and super-admin of underground hacking forum BreachForums has been arrested, according to reports.

The FBI has arrested an individual named as Conor Brian FitzPatrick, who confirmed to law enforcement to have been using the alias pompompurin - the owner and administrator of BreachForums.

"When I arrested the defendant on March 15, 2023, he stated to me in substance and in part that: a) his name was Conor Brian FitzPatrick; b) he used the alias "pompompurin," and c) he was the owner and administrator of "BreachForums," the data breach website referenced in the Complaint," FBI Special Agent John Longmire said.

Selling unauthorized access devices

As per the pompompurin Affidavit, FitzPatrick was charged with “one count of conspiracy to solicit individuals with the purpose of selling unauthorized access devices”.

The suspect was released on a $300,000 bond, and is expected to make an appearance before the District Court of the Eastern District of Virginia later this week. 

Until then, he has surrendered his documents and can only travel within the Southern and Eastern Districts of New York, and the Eastern District of Virginia, in preparation of the trial. He is also banned from engaging with any witnesses, codefendants, or coconspirators, it was said, although there were no other names mentioned.

BreachForums is arguably one of the most popular hacking forums around today. Whenever threat actors compromise business networks or endpoints, or manage to steal sensitive data, they post it on BreachForums, often trying to sell the loot, and sometimes just to brag. 

For example, data stolen in the Shanghai Covid app breach last summer ended up for sale on the forum, with a cybercriminal dubbed XJP advertising a database with sensitive info on 48.5 million users. In a separate incident that also took place last summer, a threat actor was asking for $30,000 in exchange for thousands of Twitter accounts.

Via: BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.