Administrator of BreachForums arrested, cybercriminals claim


Following the FBI's seizure of BreachForums, cybercriminals state that Baphomet, the admin of the illicit forum, has been arrested.

The threat actors behind BreachForums have seemingly regained control of the domain, and now it leads to a newly created Telegram group.

There, the ShinyHunters cybercrime group, the alleged proprietors of BreachForums, posted a PGP-signed message reporting that their administrator, known by the alias Baphomet, was arrested.

“We regret to inform you that administrator Baphomet (our 'space cowboy') has been arrested, leading to the seizure of pretty much all of our infrastructure by the FBI. At this point, the future of our forum remains uncertain. No members of ShinyHunters have been arrested. We are currently waiting for further confirmations from our staff, and we will keep you updated with any new announcements in this channel,” the post reads.

Without a public key, Cybernews can’t verify the PGP signature or establish who the current owner of the signature is.

Rumors have also started to spread on X.

The threat actor known as IntelBroker is also claiming that Baphomet was arrested in the law enforcement operation, BleepingComputer reported.

The Federal Bureau of Investigation (FBI) hasn’t confirmed this information yet.

Cybernews already reported that BreachForums was seized by law enforcement, and for a while, the website’s users were greeted with a seizure notification. The FBI’s notice also claimed that law enforcement had obtained access to the website’s backend data, and it displayed BreachForums administrators’ Telegram profile pictures behind bars.

BreachForums was one of the most popular places for cybercriminals to share private data leaks and other stolen data. It emerged as a successor of the previous RaidForums website, which was taken down after the arrest of its owner, Pompompurin (Conor Brian Fitzpatrick).

ShinyHunters (also known as ShinyCorp) is an international cyber threat group that first emerged in 2020, according to SOCRadar. The hacker repository vx-underground announced that ShinyHunters took over the site on June 2nd, 2023.

“Despite the playful, Pokémon-inspired name that suggests a community of harmless enthusiasts, ShinyHunters is deeply entrenched in cybercrime, specializing in the theft and sale of vast databases,” SOCRadar warns.

ShinyHunters is believed to be responsible for a leaked AT&T database with over 70 million items of customer information.

The FBI is investigating these criminal hacking forums. Victims or individuals who have information to assist in any of the investigations can provide information here.