BreachForums Shutdown: Navigating Confusion, Risks, and New Beginnings
TL;DR
On April 15, BreachForums, a prominent marketplace for stolen data, abruptly shut down due to a MyBB zero-day vulnerability, leading to speculation, emerging alternative forums, and heightened risks of scams and honeypots.
Main Content
BreachForums Shutdown: A Major Blow to Cybercrime Marketplace
On April 15, BreachForums, a leading marketplace for stolen data, suddenly ceased operations, sparking widespread speculation and rumors ranging from FBI raids to the arrest of its administrator. This shutdown has left a significant void in the cybercrime ecosystem, leading to the emergence of several alternative forums. Some of these new platforms are demanding entry fees, adding to the confusion and increasing the risk of scams or government-run honeypots1.
Background of BreachForums
BreachForums, an English-language cybercrime forum, emerged in March 2022 as a successor to the dismantled RaidForums. It served as a marketplace for threat actors to buy and sell stolen data, hacking tools, and compromised credentials. The forum was founded by Conor Brian Fitzpatrick, known online as “pompompurin,” who had previously claimed responsibility for the 2021 FBI email hack.2
After Fitzpatrick’s arrest in March 2023, the forum’s administration changed hands multiple times, including to the hacking group ShinyHunters and later to an individual known as “Baphomet.” Despite these changes, BreachForums faced repeated shutdowns and domain seizures by law enforcement agencies, including the FBI.3
Zero-Day Vulnerability and Law Enforcement Infiltration
According to a statement published by BreachForums, the forum ceased operations after the discovery of a zero-day vulnerability in the open-source forum software MyBB used by the platform. Law enforcement agencies may have exploited this flaw to infiltrate the forum.
The statement reads,”In or around April 15, we received confirmation of information that we had been suspecting since day 1 – a MyBB 0day. This confirmation came through trusted contacts that we are in touch with, which revealed that our forum is subject to infiltration by various agencies and other global law enforcement bodies.”
The administrators pointed out that no data compromise occurred and that their infrastructure remained intact. They also warned users that emerging clones are untrustworthy, likely honeypots set up to lure users. They urged caution, advising users to verify trusted sources and avoid engaging with fake sites.4
Impact and Future Implications
The shutdown of BreachForums has significant implications for the cybercrime landscape. The emergence of alternative forums and the risks associated with them highlight the need for vigilance among users. As law enforcement continues to target such platforms, the future of cybercrime marketplaces remains uncertain.
For further insights, check out the full article: source
Conclusion
The abrupt shutdown of BreachForums due to a MyBB zero-day vulnerability has led to a period of turmoil and uncertainty in the cybercrime community. As new forums emerge, users must be cautious of potential scams and honeypots. The future of such marketplaces remains uncertain as law enforcement continues to target these platforms.
References
-
“cyberthreatintelligence-cti-breachforums-activity-7322551924820533249-b9DK?” (April 28, 2025). “BreachForums, a major data leak marketplace, shut down on April 15 after a MyBB 0-day exploit allowed law enforcement infiltration”. Retrieved April 28, 2025 ↩︎
-
Pierluigi Paganini (January 28, 2022). “authorities-shut-down-raidforums”. Retrieved April 28, 2025 ↩︎
-
Pierluigi Paganini (April 28, 2025). “breachforums-admin-sentenced”. Retrieved April 28, 2025 ↩︎
-
Dark Web Informer – Cyber Threat Intelligence (April 28, 2025). “BreachForums signed the following message just a short time ago. breachforums[.]st”. Retrieved April 28, 2025 ↩︎