BreachForums seized by FBI three months after arrest of alleged admin

The domain for the English-language cybercrime marketplace BreachForums was seized on Thursday, more than three months after the site’s alleged administrator was arrested in the United States.

Conor Brian Fitzpatrick, 21, was picked up by the FBI back in March at his home in Peekskill, New York. He has been accused of running BreachForums under the handle “pompompurin” and charged with conspiracy to commit access device fraud.

BreachForums had claimed to have more than 340,000 members at the time it was shut down. It provided a mechanism for criminals to trade stolen information and hacking tools, particularly those relating to stealing financial information.

According to court testimony from the FBI, “Fitzpatrick’s victims have included millions of United States citizens, as well as a U.S. company providing electronic healthcare services, a U.S. company providing internet hosting and security services, and a U.S.-based investment company, among others.”

In the wake of Fitzpatrick’s arrest, another BreachForums administrator going by the handle “Baphomet” posted to claim they were taking ownership of the forum in accordance with an established emergency plan — before having an apparent change of heart and announcing they had decided to close everything down.

Shortly after the forum was closed down, the Department of Justice credited the FBI with “a disruption operation that caused BreachForums to go offline” despite the clear web domain actually remaining online and accessible, although it was inactive as per Baphomet’s post.

Baphomet had claimed that someone — who he presumed was with law enforcement — had been able to access the backend of the platform through pompompurin's account.

“This will be my final update on Breached, as I've decided to shut it down. I'm aware this news will not please anyone, but it's the only safe decision now that I've confirmed that the glowies likely have access to Poms machine,” the hacker said.

It is not clear why the domains were seized on Thursday rather than at an earlier point following Fitzpatrick’s arrest.

Last year, U.S. and European law enforcement authorities announced the arrest of Diogo Santos Coelho, the administrator of RaidForums, and at the same time replaced the forum with a splash page announcing that the domain had been seized.

BreachForums had surged in popularity following the arrest of Coelho and seizure of the RaidForums domain. According to the U.S. deputy attorney general Lisa Monaco, it “bridged the gap between hackers hawking pilfered data and buyers eager to exploit it.”

At the time the indictment against Fitzpatrick was unsealed, the actions against him and BreachForums were described as “the result of an ongoing criminal investigation.”

A spokesperson for the Department of Justice did not immediately respond to enquiries regarding whether that investigation has now concluded. According to the seizure notice, the FBI worked with agencies including the Dutch National Police, the Australian Federal Police, the U.K.'s National Crime Agency and Police Scotland to take down the site.