FBI Seizes BreachForums Hacking Forum
The FBI has seized all domains for the BreachForums hacking forum, operated by the ShinyHunters group, which served as a portal for leaking corporate data stolen in attacks from ransomware and extortion gangs.
Law enforcement authorities in the U.S. and France collaborated to take control of BreachForums’ web infrastructure, preventing the Scattered Lapsus$ Hunters hacker group from fulfilling their threat of leaking data from Salesforce breaches at companies that did not pay a ransom.
Backups Since 2023 Under FBI Control
The cybercriminals confirmed the takeover of BreachForums via a message on Telegram signed with ShinyHunters’ PGP key. They stated the seizure was certain and added that “the era of forums is over.”
BleepingComputer confirms that BreachForums is now controlled by law enforcement authorities, as the latest domain update occurred on October 9, and the nameservers have been changed to those the FBI uses for seizures.
Following analysis of law enforcement’s actions, ShinyHunters concluded that all BreachForums database backups since 2023 have been compromised, along with all escrow databases since the latest reboot.
The gang also reported that the backend servers have been seized. However, their data leak site on the dark web remains online.
The ShinyHunters team stated that no one in the core admin team has been arrested, but they will not launch another BreachForums, noting that such sites should be considered honeypots going forward.
According to the threat actor’s message, after RaidForums’ takedown, the same core team planned multiple forum reboots, using admins like pompompurin as fronts.
