FBI Nabs BreachForums Operator ‘Pompompurin’, Slaps Charges

BreachForums owner Conor Brian Fitzpatrick, AKA ‘Pompompurin’, has been arrested on cybercrime charges.

According to the latest announcement by BreachForums administrator ‘Baphomet’, the original owner, ‘Pompompurin’, has been arrested by federal agents.

A group of investigators arrested Conor Brian Fitzpatrick at his residence on 15 March, according to a statement filed by an agent in court the following day, Bloomberg reported.

FBI Special Agent John Langmire stated in a sworn statement submitted to the Southern District of New York's District Court that he supervised a group of law enforcement officers who apprehended Fitzpatrick in Peekskill, NY, based on probable cause.

Fitzpatrick has been charged with a solitary offense of conspiring to commit “access device fraud.”

BreachForums owner arrested, new admin steps in

Soon after the arrest of Conor Brian Fitzpatrick, another administrator took over the command of the website and shared the news with the members.

“Although I had already suspected it to be the case, it has now been confirmed that Pom has been arrested. I think it's safe to assume he won't be coming back, so I'll take ownership of the forum. I have most, if not all, the access necessary to protect BF infrastructure and users,” read the post by Baphomet.

The new admin, who seems to be using the iconic Spike Spiegel ramen-eating scene from the 1998 anime series Cowboy Bebop as his profile image, has stepped up as the new website owner and promised that BreachForums would continue working as usual despite the arrest of the founder.

“I pretty much already assumed the worst at nearly 24 hours of inactivity. It's not often Pom is gone an extended period of time, and he's always let me know ahead of time if that would be the case,” said his post.

“He's also never been inactive this long on both Telegram, Element, and the forum at the same time. At that point, I decided to remove his access to all important infrastructure and restricted his forum account to still log in but not to carry out any administrator actions. I also, since that point, have been constantly monitoring everything and going through every log to see any access or modifications to Breached infra. So far, nothing like that has been seen,” it added.

BreachForums owner faces counts of cybercrime

BreachForums is a website known for hosting discussions related to data breaches, hacking, and other cybersecurity-related topics. Hackers and cybercriminals use it to share stolen data, hacking tools, and techniques.

The website gained notoriety for being a hub for exchanging illegal information and was often used by cybercriminals to buy and sell stolen credentials and other sensitive data. Despite this, the website is accessible on the surface web and can be viewed without a proxy service or VPN.

BreachForums has been promoting the illegal exchange of information on the website, and its domain age shows that the current website is only 4 months old. Its domain was registered on 2022-11-17 03:21:28 and is set to expire on 2029-11-17 03:21:28.

“I can't respond to everyone at this point as I am working through the next steps of the emergency plan for the forum. Please be patient, and try not to lose your mind. My only response to LE or any media outlet is that I have no concerns for myself at the moment,” read Baphomet's post.

BreachForums, data leaks, and cybercriminals

Prolific BreachForums users have been targeting organisations and individuals across the world.

In January, a member named LeakBase shared sensitive data from Jira and the database of German-managed IT service provider BITMARCK.

In September 2022, the same BreachForums user released a massive trove of databases containing the PII of 16 million Indians who use the Indian government's Swachh City platform, an initiative of the government's Ministry of Housing and Urban Affairs.

They were also responsible for releasing the databases of several popular Chinese mobile brands, including OnePlus-Oppo and Realme.

Early this month, they claimed to have gained access to the control panel of the JIRA CRM backup of Chinese-owned, US-based business Motorola through malfunctions and errors. Active Jira users may thus be looking for a fully customizable CRM tool with greater security.

According to the BreachForums post, the data includes admin panel data, which was exported in HTML format with screenshots. The leak site user claims that the data consists of various file formats, and the total size of the files is about 11GB.
