Feds Cost NY Man as BreachForums Boss “Pompompurin” – Krebs on Safety

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of operating BreachForums, a preferred English-language cybercrime discussion board the place a few of the world greatest hacked databases routinely present up on the market. The discussion board’s administrator “Pompompurin” has been a thorn within the facet of the FBI for years, and BreachForums is broadly thought of a reincarnation of RaidForums, a remarkably comparable crime discussion board that the FBI infiltrated and dismantled in 2022.

Federal brokers carting gadgets out of Fitzpatrick’s dwelling on March 15. Picture: Information 12 Westchester.

In an affidavit filed with the District Court docket for the Southern District of New York, FBI Particular Agent John Longmire stated that at round 4:30 p.m. on March 15, 2023, he led a crew of regulation enforcement brokers that made a possible trigger arrest of a Conor Brian Fitzpatrick in Peekskill, NY.

“Once I arrested the defendant on March 15, 2023, he acknowledged to me in substance and partially that: a) his identify was Conor Brian Fitzpatrick; b) he used the alias ‘pompompurin/’ and c) he was the proprietor and administrator of ‘BreachForums’ the information breach web site referenced within the Criticism,” Langmire wrote.

Pompompurin has been one thing of a nemesis to the FBI for a number of years. In November 2021, KrebsOnSecurity broke the information that hundreds of pretend emails a couple of cybercrime investigation had been blasted out from the FBI’s electronic mail techniques and Web addresses.

Pompompurin took credit score for that stunt, and stated he was in a position to ship the FBI electronic mail blast by exploiting a flaw in an FBI portal designed to share data with state and native regulation enforcement authorities. The FBI later acknowledged {that a} software program misconfiguration allowed somebody to ship the faux emails.

In December, 2022, KrebsOnSecurity broke the information that hackers energetic on BreachForums had infiltrated the FBI’s InfraGard program, a vetted FBI program designed to construct cyber and bodily risk data sharing partnerships with specialists within the non-public sector. The hackers impersonated the CEO of a significant monetary firm, utilized for InfraGard membership within the CEO’s identify, and had been granted admission to the group.

From there, the hackers plundered the InfraGard member database, and proceeded to promote contact data on greater than 80,000 InfraGard members in an public sale on BreachForums. The FBI responded by disabling the portal for a while, earlier than in the end forcing all InfraGard members to re-apply for membership.

Extra just lately, BreachForums was the gross sales discussion board for data stolen from DC Well being Hyperlink, a medical health insurance trade based mostly in Washington, D.C. that suffered a knowledge breach this month. The gross sales thread initially stated the information included the names, Social Safety numbers, dates of delivery, well being plan and enrollee data and extra on 170,000 people, though the official discover in regards to the breach says 56,415 individuals had been affected.

In April 2022, U.S. Justice Division seized the servers and domains for RaidForums, an especially widespread English-language cybercrime discussion board that offered entry to greater than 10 billion shopper information stolen in a few of the world’s largest information breaches since 2015. As a part of that operation, the feds additionally charged the alleged administrator, 21-year-old Diogo Santos Coelho of Portugal, with six legal counts.

Coelho was arrested in the UK on Jan. 31, 2022. By that point, the brand new BreachForums had been dwell for just below every week, however with a well-recognized look.

BreachForums stays accessible on-line, and from reviewing the dwell chat stream on the positioning’s dwelling web page it seems the discussion board’s energetic customers are solely simply changing into conscious that their administrator — and the positioning’s database — is probably going now in FBI fingers:

Members of BreachForums focus on the arrest of the discussion board’s alleged proprietor.

“Wait in the event that they arrested pom then doesn’t the FBI have all of our particulars we’ve registered with?” requested one apprehensive BreachForums member.

“However all of us have good VPNs I assume, proper…proper guys?” one other denizen supplied.

“Like pom would probably do a plea discount and cooperate with the feds as a lot as doable,” replied one other.

Fitzpatrick couldn’t be instantly reached for remark. The FBI declined to remark for this story.

There is just one web page to the legal grievance in opposition to Fitzpatrick (PDF), which fees him with one depend of conspiracy to commit entry machine fraud. The affidavit on his arrest is accessible here (PDF).

Replace: Corrected spelling of FBI agent’s final identify.