The Limited Times

Now you can see non-English news...

An administrator of Breach Forums, a site for buying and selling personal data, is arrested

2023-03-18T15:32:15.453Z


'Pompompurin' was accused of computer crime. Several data breaches in Argentina ended up on the site.


The FBI arrested this Friday one of the administrators of

Breach Forums

, one of the largest sites for buying and selling personal data stolen by cybercriminals.

Pompompurin

,” as Conor Brian Fitzpatrick was known on the site, was charged with

computer crime.

The web, formerly known as

Raid Forums

, hosts databases of more than a thousand entities, including companies and governments, with names, documents, addresses and sensitive information that is marketed for different criminal purposes.

"It is a specialized site that is dedicated, among other things, to the dissemination and commercialization of

pirated, stolen or filtered material

,"

Mauro Eldritch, a threat analyst at Birmingham Cyber ​​Arms LTD, explains to

Clarín .

In

Argentina

, in fact, a large number of

leaks

(filtrations) were hosted on this site in recent years.

“Accesses to emails from the Navy or the Army, complete leaks from the

Police of Río Negro, Salta, the City (more than once)

, the Municipality of Dolores, the Automotive Registry, the Judiciary of Santa Cruz and Río Negro, the Supreme Court of Buenos Aires and Neuquén, Neuquén Housing Institute, access to administrator panels of the Ministry of Energy, among others”, reviews the expert.

Private companies such as

Claro, Movistar,

Ecommerce sites, the Universidad Argentina de la Empresa (

UADE

) and DNIs also fell.

Globally it had been the repository for data stolen from the Robinhood platform and computer maker Acer.

Eldritch explains that among the content uploaded to the site there are usually leaks of all kinds, including what are known as "

combolists

": text files with leaked usernames, passwords and email addresses that can be used for different types of cyberattacks ( as those of “

brute force

”), among others.

About Pompompurin

The user and avatar of "Pom".

Photo Bleeping Computer

"Pompompurin was one of the best-known administrators of the forum," says the analyst.

A regional newspaper identified Fitzpatrick as one of Peekskill High School's 2021 graduates.

He was born in 2002

, according to court records, and the address of arrest is the home listed as his

parents

' .

"So far it is known that Pom would have registered an account on the

IntelligenceX

intelligence platform revealing his

real IP

, which led this site to share the information with the authorities who ended up arresting him," he adds.

The FBI announced that he was arrested at 4:30 p.m. on Friday, while his most recent activity on the site had been at 3:53 p.m.

As Bloomberg reported, the FBI agent, who led the other agents in the arrest, said Fitzpatrick admitted that he had used the alias "Pompompurin" and that he was

the owner and operator of Breach Forums

.

The section of the FBI report where Fitzpatrick assures that he is not only the admin of the site, but also the owner.

Photo Bleeping Computer

Fitzpatrick was ultimately released on bail after his parents paid

$300,000

, according to Bloomberg, and did not respond to a request for comment.

Benjamin Gold, an attorney who represented him in his court appearance, also declined to comment.

Unlike other sites dedicated to cybercrime, Breach Forums was always accessible through mass browsers such as Google Chrome or Safari (

clearnet

), despite the fact that it also had its version on the dark web.

“The forum always had

two methods of access

,

clearnet

, with different domains as they went down, and as a hidden service [hidden] accessible through

Tor

”, Eldritch clarifies.

After his arrest, another forum administrator assured that "it can be assumed that Pom will not return" and that he would take over the site.

Several users expressed their support for Pompompurin in a long 

thread

.

The FBI report

2023 hits cybercrime

HiveLeaks, a ransomware site seized this year.

Photo Hive Site

It is not the first time that users linked to cybercrime have fallen into the hands of Justice.

During the last week of February, the Dutch police arrested three young men who managed to collect a loot of 2.5 million euros through ransomware extortion. The suspects, aged between 18 and 21, are suspected of attacking thousands of companies, medium-sized and large, from different countries of the world.


On the other hand, two brothers aged 18 and 20 were arrested this year in France for stealing $9.5 million in crypto from the

Platypus Finance platform.

The biggest blow happened at the end of January of this year, when the FBI, in a joint operation with other security forces, seized the domain of Hive, one of the largest ransomware gangs in the world.

However, they failed to arrest any members, as the REvil ransomware group had in January 2022.

look too

LockBit published the data stolen from La Segunda: there are judicial files, expert reports and medical data

How was the fall of Hive, one of the largest ransomware groups in the world, and what does it mean?

Source: clarin

All tech articles on 2023-03-18

Trends 24h

Latest

© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.