BreachForums is Offline: A New Twist or Just Another Cyber Shenanigan?

 

BreachForums is Offline: A New Twist or Just Another Cyber Shenanigan?

[Update] June 3, 2025: “BreachForums Is Back (Again), Now on Yet Another Domain”

[Update] April 28, 2025: “BreachForums Administration Finally Responds”

[Update] April 25, 2025: “Is BreachForums Finished? Admin Quits, Source Code Allegedly on Sale”

[Update] April 24, 2025: “BreachForums Reboots”

[Update] April 18, 2025: “FBI Seizure Claims and Admin Disappearances”

BreachForums, a hacker forum, has been taken offline again. Early Tuesday morning (ET), claims emerged on Telegram that a group identifying as the Dark Storm Team was responsible for a Distributed Denial-of-Service (DDoS) attack against the site. However, multiple signals and the nature of “hacktivist” groups indicate that these claims should be cautiously approached.

Whois information for BreachForums, the site can’t be accessed, but no seizure banner is apparent

A History of Seizures and Reboots

BreachForums has earned notoriety as a hub for illicit trading of stolen personal data—a role that has repeatedly drawn the attention of law enforcement. Its legacy includes several dramatic episodes:

• March 2023: The arrest of BreachForums’ founder, known by the alias Pompompurin (Conor Brian Fitzpatrick), led to its initial FBI seizure.
• Subsequent Revivals and Takedowns: Despite attempts to resurrect the platform—first by a second-in-command and later by self-proclaimed operators like Shiny Hunters and rival personas like USDoD—the site has repeatedly been shut down by authorities but has come back.
  
  
  

• Unconfirmed Claims: The Dark Storm Team and IntelBroker

  The latest rumor centers on the assertion made on a Telegram channel that the platform has been attacked by a group calling itself the Dark Storm Team.

  A link on the channel allegedly demonstrated that the site was down in more than two dozen countries.

  Dark Storm’s Unverified Claim

  There is no consensus or confirmation from multiple independent sources validating Dark Storm’s involvement. Many experts have warned that such claims might be part of a broader narrative intended to confuse or manipulate the cybercrime community.

• 
  
  

  Was IntelBroker Arrested?

  Similarly, reports about the arrest of IntelBroker—a key figure associated with BreachForums—are uncorroborated at this time.

What’s Really Happening?

Whether the latest disruption is real or just another case of cyber smoke and mirrors, one thing is clear: forums like BreachForums are far from stable ground. Repeated seizures and rebrands show a pattern—one where the underground scene may either continue splintering or regroup under new names we haven’t heard of yet.

As for claims like those from “Dark Storm”? It’s best to stay skeptical. These kinds of posts often serve more to stir the pot than offer anything concrete — and, in some cases, to promote their own services. Dark Storm, for example, sells a DDoS tool, so these claims may also double as marketing stunts.

Meanwhile, the former face of BreachForums—Conor Brian Fitzpatrick (aka Pompompurin)—was back in the legal spotlight. After receiving just 17 days of jail time and a long probation, an appeals court threw out the sentence, calling it far too lenient.

This isn’t directly related to the current forum takedown rumors, but it’s a reminder: law enforcement and the justice system haven’t forgotten about BreachForums. Fitzpatrick’s case still casts a long shadow over the cybercrime forum.

What Can We Conclude?

The latest BreachForums outage follows a pattern of recurring disruptions. Whether it’s a genuine attack, a law enforcement action, or simply another unverified claim, the fact remains that these hacker forums are inherently unreliable. Many claims—like those from “Dark Storm”—appear designed more to promote services, such as their DDoS tools, rather than to report actual events.

Due to the high level of misinformation circulating, we have skipped over some of these claims. We will continue to monitor the situation and update our coverage as verified information becomes available.

Is BreachForums Finished? Admin Quits, Source Code Allegedly on Sale

Following the sudden reappearance of the site at breached[.]fi, a message briefly appeared on the homepage, allegedly posted by former administrator “Anastasia.” The message claimed that both “IntelBroker” and “Shiny” had been arrested and that the FBI would announce details soon. Anastasia also stated that she had resigned from the forum and considered BreachForums permanently shut down.

In the same post, a full backup of the forum’s database and its source code, dated April 10, 2025, was offered for sale for $2,000, On Telegram using the username @DeepwepBF ,with a Session ID provided for contact. Though the message has since been removed, it fueled a wave of speculation and confusion across dark web circles.

Rumors about the arrests remain unconfirmed, and authorities have released no official statement.

BreachForums Administration Finally Responds

Following a period of uncertainty, BreachForums administrators released a PGP signed message providing further clarification on the situation. According to the statement, the forum was voluntarily taken offline after trusted sources confirmed an infiltration attempt linked to global law enforcement agencies. While no compromise of infrastructure or data breach occurred, the administrators initiated a full incident response process and identified a vulnerability tied to a MyBB zero-day exploit.

Statement of BreachForums Administration

The team apologized for the lack of communication during this period and stated that they are now focused on a full backend rewrite to strengthen platform security. Additionally, they warned users against interacting with emerging BreachForums clones. Despite ongoing rumors, they reaffirmed that no arrests have taken place and that their priority remains the safety of the community and infrastructure.

BreachForums Is Back (Again), Now on Yet Another Domain

As of today, 3 June 2025, BreachForums administrator ShinyHunters announced the platform’s relaunch under a new domain: breach-forums[.]st. The update cites a full backend rewrite following the PHP exploit that previously compromised the forum.