In a coordinated global operation, the FBI, alongside law enforcement agencies from the Five Eyes nations, Switzerland, Iceland, and Ukraine, have successfully seized control of the notorious ransomware brokerage site BreachForums and its associated Telegram channel.
The takedown, which occurred on Wednesday, May 15, 2024, marks a significant victory against the growing cyber extortion industry. Despite numerous previous attempts to disrupt its operations, BreachForums had persistently resurfaced, acting as a clearinghouse for stolen data, hacking tools, and illicit services.
Site Now Under Law Enforcement Control
Visitors to the BreachForums website are now greeted with a stark message: “This website has been taken down by the FBI and DOJ with assistance from international partners. We are reviewing the site’s backend data. If you have information to report about cybercriminal activity on BreachForums, please contact us.”
The seizure comes just days after the site reportedly hosted information allegedly stolen from Europol’s databases, further highlighting the grave threat posed by such cybercriminal enterprises.
Notorious Hub for Stolen Data and Cyber Extortion
BreachForums had become a notorious hub for the trade of stolen data, enabling the nefarious practice of “double extortion” attacks, where victims’ data is not only encrypted for ransom but also stolen and used as leverage for additional extortion demands.
According to the FBI’s Internet Crime Complaint Center (IC3), “From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc and run by ShinyHunters) was operating as a clear-net marketplace for cybercriminals to buy, sell, and trade contraband, including stolen access devices, means of identification, hacking tools, breached databases, and other illegal services.”
Ongoing Battle Against Cyber Extortion
While the seizure of BreachForums represents a significant victory, the battle against cyber extortion and ransomware is far from over. As the FBI acknowledges, other forums of this kind are likely to emerge, fueled by the multi-billion dollar industry’s lucrative incentives.
Law enforcement agencies worldwide remain vigilant, urging victims and potential informants to come forward with any information that could aid in the identification and prosecution of the perpetrators behind these malicious cyber activities.