Carder.life

Carder.life (http://txgate.io:443/index.php)
-   Carding News (http://txgate.io:443/forumdisplay.php?f=38)
-   -   BreachForums hacking forum operators reportedly arrested in France (http://txgate.io:443/showthread.php?t=51301713)

Artifact 07-16-2025 09:00 AM
<div id="post_message_799588">
<img alt="" border="0" class="bbCodeImage" src="https://www.bleepstatic.com/content/hl-images/2022/10/28/law-enforcement-arrest-bright.jpg"/><br/>
<br/>
The French police have reportedly arrested five operators of the BreachForum cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information of millions.<br/>
<br/>
News of the arrests come from <a href="https://www.leparisien.fr/high-tech/la-police-interpelle-cinq-hackers-francais-de-haut-vol-derriere-un-celebre-forum-de-vol-de-donnees-25-06-2025-QJTPFTDPQZAP7B25MF24YLHU6E.php" target="_blank">Le Parisien</a>, which claims the law enforcement operation was carried out by the cybercrime unit (BL2C) of the Paris police department on Monday.<br/>
<br/>
According to reporters, the police carried out simultaneous raids in the regions of Hauts-de-Seine (Paris), Seine-Maritime (Normandy), and Réunion (overseas).<br/>
<br/>
During this action, they have arrested four hackers known online by the handles "ShinyHunters," "Hollow," "Noct," and "Depressed."<br/>
<br/>
For months, rumors circulated that another well-known threat actor, "IntelBroker," had also been arrested. Le Parisien reports that IntelBroker was also arrested by French authorities in February 2025.<br/>
<br/>
The BreachForums hacking forums have gone through numerous iterations over the years but acted as a community for cybercriminals to trade, sell, and leak stolen data, as well as sell access to corporate networks and other illegal cybercrime services.<br/>
<br/>
In 2023, the <a href="https://www.bleepingcomputer.com/news/security/breached-hacking-forum-shuts-down-fears-its-not-safe-from-fbi/" target="_blank">original BreachForums shut down</a> after its operator, Conor Brian FitzPatrick (aka Pompompurin), <a href="https://www.bleepingcomputer.com/news/security/alleged-breachforums-owner-pompompurin-arrested-on-cybercrime-charges/" target="_blank">was arrested</a>.<br/>
<br/>
Soon after, other threat actors in the community launched BreachForums v2, which was led by threat actors known as ShinyHunters, Baphomet, and, later, IntelBroker.<br/>
<br/>
The five threat actors that were arrested were reportedly involved in the operation of this new launch of the site.<br/>
<br/>
ShinyHunters and IntelBroker were admins/owners of the site, and archived posts show Hollow acting as a moderator. It is unclear what involvement "depressed" and "noct" had in the operation of the site.<br/>
<br/>
Those cybercriminals are accused of having direct involvement in data breaches against French entities like Boulanger, SFR, France Travail, and the French Football Federation.<br/>
<br/>
The attack against France Travail (formerly Pôle Emploi) was particularly notable for compromising the sensitive details of an estimated <a href="https://www.bleepingcomputer.com/news/security/french-unemployment-agency-data-breach-impacts-43-million-people/" target="_blank">43 million individuals</a>.<br/>
<br/>
IntelBroker rose to notoriety for his involvement in highly publicized breaches at <a href="https://www.bleepingcomputer.com/news/security/europol-confirms-web-portal-breach-says-no-operational-data-stolen/" target="_blank">Europol</a>, <a href="https://www.bleepingcomputer.com/news/security/general-electric-investigates-claims-of-cyber-attack-data-theft/" target="_blank">General Electric</a>, <a href="https://www.bleepingcomputer.com/news/security/weee-grocery-service-confirms-data-breach-11-million-affected/" target="_blank">Weee!</a>, <a href="https://www.bleepingcomputer.com/news/security/amd-investigates-breach-after-data-for-sale-on-hacking-forum/" target="_blank">AMD</a>, <a href="https://www.bleepingcomputer.com/news/security/hewlett-packard-enterprise-investigates-new-breach-claims/" target="_blank">HPE</a>, <a href="https://www.bleepingcomputer.com/news/security/nokia-investigates-breach-after-hacker-claims-to-steal-source-code/" target="_blank">Nokia</a>, and <a href="https://www.bleepingcomputer.com/news/security/cisco-takes-devhub-portal-offline-after-hacker-publishes-stolen-data/" target="_blank">Cisco</a>. However, the threat actor entered the spotlight after <a href="https://www.bleepingcomputer.com/news/security/fbi-investigates-data-breach-impacting-us-house-members-and-staff/" target="_blank">breaching DC Health Link</a>, the organization that administers the health care plans of U.S. House members, their staff, and their families.<br/>
<br/>
ShinyHunters is the most notorious among those arrested, as the alias has been linked to multiple high-profile data breaches and attacks, including those against <a href="https://www.bleepingcomputer.com/news/security/google-hackers-target-salesforce-accounts-in-data-extortion-attacks/" target="_blank">Salesforce </a>and <a href="https://www.bleepingcomputer.com/news/security/powerschool-hacker-now-extorting-individual-school-districts/" target="_blank">PowerSchool</a>, and the <a href="https://www.bleepingcomputer.com/tag/snowflake/" target="_blank">SnowFlake attacks</a>, which impacted <a href="https://www.bleepingcomputer.com/news/security/shinyhunters-claims-santander-breach-selling-data-for-30m-customers/" target="_blank">Santander</a>, <a href="https://www.bleepingcomputer.com/news/security/stolen-ticketmaster-data-from-snowflake-attacks-briefly-for-sale-again/" target="_blank">Ticketmaster</a>, <a href="https://www.bleepingcomputer.com/news/security/massive-atandt-data-breach-exposes-call-logs-of-109-million-customers/" target="_blank">AT&amp;T</a>, <a href="https://www.bleepingcomputer.com/news/security/advance-auto-parts-data-breach-impacts-23-million-people/" target="_blank">Advance Auto Parts</a>, <a href="https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/" target="_blank">Neiman Marcus</a>, and <a href="https://www.bleepingcomputer.com/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/" target="_blank">Cylance</a>.<br/>
<br/>
The ShinyHunters threat actors have also been involved in a large number breaches in 2025, with the group believed to consist of multiple threat actors operating under the same name.<br/>
<br/>
BreachForums v2 went offline in April 2025 after the site was allegedly breached by a MyBB zero-day vulnerability. The forum never returned online.<br/>
<br/>
BleepingComputer has contacted the Paris police and ANSSI to comment on the validity and accuracy of the reports, but we have not received a response yet.<br/>
<br/>
<a href="https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-operators-reportedly-arrested-in-france/" target="_blank">@ BleepingComputer </a>
</div>


All times are GMT. The time now is 11:43 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.