Breach Forums, a notorious cybercrime and hacker community, reappeared on the clearnet and dark web two weeks post-FBI seizure. The FBI arrested two administrators during the investigation.
WHAT IS BREACHFORUMS?
Breached Forums used to be a big Darknet forum that served as both a discussion platform and a criminal market. Hackers sold databases worldwide, including leaked credentials and data from organizations. Its popularity peaked in early summer 2022, when the FBI shut down another Darknet site, RaidForums, and jailed its administrator.
But how did ShinyHunters regain the clearnet domains?
While the forum has adopted a new domain for the dark web, as the original could not be regained from the FBI, it is back online with the original clearnet domain (breachforums.st). Other associated clearnet domains, including escrow.breachforums.st, breached.in, and two other parked domains, have also been regained from the FBI’s seizure.
ShinyHunters shared an email claiming it was an official conversation between an FBI computer scientist from the agency’s Cyber Division and NiceNIC, the domain registrar. The email, viewed by Hackread.com, explains the incident and how the hacker admin reaccessed the seized domains.
It’s not currently clear if the individual(s) using the ShinyHunters persona on BreachForums is the original ShinyHunters hacker. c
However, the possibility that it may be a honeypot has not been lost among members of the cybersecurity community.
After RaidForums closed in March and its owner, “Omnipotent,” was arrested, a new forum, BreachForums, was started. In mid-June, the old forum, 2022, was dismantled. Then, Baphomet and ShinyHunters revived it and launched a new site with the same name.
Both the U.S. Department of Justice (DoJ) and the FBI have yet to comment on the takedown, or the re-emergence of the forum for that matter.
Found this article interesting? Follow us on LinkedIn and Instagram to read more exclusive content we post.
About The Author
