(Washington) US justice announced Friday the decommissioning of one of the main exchange sites dedicated to hackers in the world, called BreachForums, and the arrest of its founder.
Conor Fitzpatrick, a 20-year-old resident of New York State, was arrested on March 15 and brought before a federal judge in Virginia on Friday who served him with a charge of “organized computer fraud”, a chief punishable by 5 years in prison.
He is accused of having created the BreachForums site in March 2022 to facilitate exchanges between hackers, with a section dedicated to the sale of stolen personal data or hacking tools, another to tutorials devoted to intrusion methods, etc
According to court documents, the young man, who used the pseudonym Pompompurin, had opened this platform after the closure by the authorities of a first site of this style, entitled RaidForums.
“We continue to bring down the main players in the cybercrime ecosystem,” commented Deputy Attorney General Lisa Monaco in a statement. Like Raidforums, “BreachForums bridged the gap between hackers selling stolen data and buyers wanting to profit from it,” she added.
For example, one of its users posted on January 4 the names and contacts of 200 million users stolen from one of the main American social networks. The court documents do not specify which one, but it is Twitter according to several specialized sites.
Another offered in April 2022 the data stolen from 8,000 customers of an American internet service company, including 1,900 bank card numbers.
Beyond the contact, Conor Fitzpatrick is suspected of having served as an intermediary for certain transactions by passing cryptocurrencies and stolen files on his site.
After his arrest, he, according to court documents, admitted to having created and managed the site and explained that he earned $1,000 a day on average, which he reinvested in the maintenance of BreachForums and to buy other domains.
This operation “is a significant disruption to the cybercriminal landscape that will impact for months, before threat actors respond and adapt,” commented cybersecurity expert Alexander Leslie on Twitter.