The FBI arrested this Friday one of the administrators of
Breach Forums
, one of the largest sites for buying and selling personal data stolen by cybercriminals.
“
Pompompurin
,” as Conor Brian Fitzpatrick was known on the site, was charged with
computer crime.
The web, formerly known as
Raid Forums
, hosts databases of more than a thousand entities, including companies and governments, with names, documents, addresses and sensitive information that is marketed for different criminal purposes.
"It is a specialized site that is dedicated, among other things, to the dissemination and commercialization of
pirated, stolen or filtered material
,"
Mauro Eldritch, a threat analyst at Birmingham Cyber Arms LTD, explains to
Clarín .
In
Argentina
, in fact, a large number of
leaks
(filtrations) were hosted on this site in recent years.
“Accesses to emails from the Navy or the Army, complete leaks from the
Police of Río Negro, Salta, the City (more than once)
, the Municipality of Dolores, the Automotive Registry, the Judiciary of Santa Cruz and Río Negro, the Supreme Court of Buenos Aires and Neuquén, Neuquén Housing Institute, access to administrator panels of the Ministry of Energy, among others”, reviews the expert.
Private companies such as
Claro, Movistar,
Ecommerce sites, the Universidad Argentina de la Empresa (
UADE
) and DNIs also fell.
Globally it had been the repository for data stolen from the Robinhood platform and computer maker Acer.
Eldritch explains that among the content uploaded to the site there are usually leaks of all kinds, including what are known as "
combolists
": text files with leaked usernames, passwords and email addresses that can be used for different types of cyberattacks ( as those of “
brute force
”), among others.
About Pompompurin
The user and avatar of "Pom".
Photo Bleeping Computer
"Pompompurin was one of the best-known administrators of the forum," says the analyst.
A regional newspaper identified Fitzpatrick as one of Peekskill High School's 2021 graduates.
He was born in 2002
, according to court records, and the address of arrest is the home listed as his
parents
' .
"So far it is known that Pom would have registered an account on the
IntelligenceX
intelligence platform revealing his
real IP
, which led this site to share the information with the authorities who ended up arresting him," he adds.
The FBI announced that he was arrested at 4:30 p.m. on Friday, while his most recent activity on the site had been at 3:53 p.m.
As Bloomberg reported, the FBI agent, who led the other agents in the arrest, said Fitzpatrick admitted that he had used the alias "Pompompurin" and that he was
the owner and operator of Breach Forums
.
The section of the FBI report where Fitzpatrick assures that he is not only the admin of the site, but also the owner.
Photo Bleeping Computer
Fitzpatrick was ultimately released on bail after his parents paid
$300,000
, according to Bloomberg, and did not respond to a request for comment.
Benjamin Gold, an attorney who represented him in his court appearance, also declined to comment.
Unlike other sites dedicated to cybercrime, Breach Forums was always accessible through mass browsers such as Google Chrome or Safari (
clearnet
), despite the fact that it also had its version on the dark web.
“The forum always had
two methods of access
,
clearnet
, with different domains as they went down, and as a hidden service [hidden] accessible through
Tor
”, Eldritch clarifies.
After his arrest, another forum administrator assured that "it can be assumed that Pom will not return" and that he would take over the site.
Several users expressed their support for Pompompurin in a long
thread
.
The FBI report
2023 hits cybercrime
HiveLeaks, a ransomware site seized this year.
Photo Hive Site
It is not the first time that users linked to cybercrime have fallen into the hands of Justice.
During the last week of February, the Dutch police arrested three young men who managed to collect a loot of 2.5 million euros through ransomware extortion. The suspects, aged between 18 and 21, are suspected of attacking thousands of companies, medium-sized and large, from different countries of the world.
On the other hand, two brothers aged 18 and 20 were arrested this year in France for stealing $9.5 million in crypto from the
Platypus Finance platform.
The biggest blow happened at the end of January of this year, when the FBI, in a joint operation with other security forces, seized the domain of Hive, one of the largest ransomware gangs in the world.
However, they failed to arrest any members, as the REvil ransomware group had in January 2022.
look too
LockBit published the data stolen from La Segunda: there are judicial files, expert reports and medical data
How was the fall of Hive, one of the largest ransomware groups in the world, and what does it mean?
