FBI Seizes BreachForums' Ransomware Website and Telegram Channel

In a joint effort, the FBI and international law enforcement agencies have seized the website and Telegram channel of the infamous ransomware brokerage site BreachForums.

Seizure Closely Follows Europol Database Leak

Earlier this week, after BreachForums released a series of files purportedly stolen from Europol’s databases, a special operation was launched on Wednesday, mere days following the publication.

The site is no stranger to police attention, having been targeted several times in efforts to shut it down along with its operators. Last year, US law enforcement arrested and charged Conor Brian Fitzpatrick, also known as ‘Pompompurin,’ the owner of the notorious website, then his parents bailed him out.

BreachForums Taken Down Several Times Before

Despite these attempts, BreachForums has managed to resurface every time so far. Now, law enforcement has once again taken down the website and its Telegram channel, at least for the moment.

Visitors to the now-defunct website are met with a seizure notice informing them that the site is now in FBI custody.

Law Enforcement From Several Countries Involved in the Operation

According to the notice, the FBI was aided by law enforcement agencies in Ukraine, Switzerland, Australia, New Zealand, Iceland, and the UK.

“This website has been taken down by the FBI and DOJ with assistance from international partners,” reads the seizure notice. “We are reviewing this site’s backend data. If you have information to report about cyber criminal activity on BreachForums, please contact us.”

The notice outlines several ways to report criminal activity related to BreachForums to the FBI, including a Telegram channel, an email address, and a website.

A Cesspool of Criminal Activity Refusing to Stay Offline

Despite its on-and-off Internet presence, BreachForums is a significant hub for cybercrime, a place where threat actors gather to sell and buy stolen data from victims of cyber attacks.

Last month, threat actors bragged about breaching US-based supplement producer Piping Rock, stealing 2,103,393 email addresses and extensive details on almost a million customers.

In a separate incident, perpetrators leaked the names and email addresses of approximately 10,000 Home Depot employees on the same website.