BreachForums was arguably the biggest cybercrime forum until it went offline in April amid rumors of the arrest of one of its most prominent members.
The forum’s primary domain has remained offline since then even as sites have popped up claiming to be BreachForums’ replacement.
In the latest twist to the on-again, off-again saga of BreachForums, the French newspaper Le Parisien reported today that five French hackers have been arrested as the alleged operators of the forum.
IntelBroker, ShinyHunters Allegedly Arrested
The Parisien report didn’t name the suspects but referred to them by their BreachForums user names.
“IntelBroker” – a notorious trafficker of stolen data who once did an exclusive interview with the editors of The Cyber Express – was apparently the first arrested; the Parisien report said the threat actor was arrested in February. The site’s other administrators feared exposure and suspended the site in April, according to the French paper. That report differs significantly from the site’s own claim that it had been compromised via a MyBB zero-day vulnerability and would return and that no arrests had occurred (screenshot below; the site is now down entirely).
The site’s other operators – described as four French hackers in their twenties – were arrested on Monday in France by specialist police officers from the Cybercrime Brigade (BL2C) of the Paris police headquarters.
Those arrested include “ShinyHunters,” “Hollow,” “Noct,” and “Depressed,” the paper said, noting that the four “are accused of harming numerous victims of high-profile data leaks, including Boulanger, SFR, France Travail, and the French Football Federation” (translated).
A press release (French) issued today by the Paris Public Prosecutor’s Office referred to ShinyHunters as a collective of four people arrested this week, and said IntelBroker was a British national arrested in France in February and held under pre-trial detention. “Computer elements” seized in the case will likely advance numerous ongoing investigations, the press release said, and it thanked the U.S. FBI and Department of Justice for assistance. It was signed by public prosecutor Laure Beccuau.
While early in the legal process, the arrests could potentially mark a dramatic end for the once-feared site.
BreachForums’ History of Seizures, Shutdowns and Leadership Changes
The first major legal action against the three-year-old BreachForums occurred in 2023 with the FBI’s arrest of alleged forum administrator Conor Brian Fitzpatrick, aka “Pompompurin.” The U.S. would ultimately appeal Fitzpatrick’s sentence, claiming it was too lenient.
The site was hacked in 2023 and again in 2024, at which point ShinyHunters took over the forum from Baphomet, who had succeeded Fitzpatrick. After ShinyHunters retired not long after, control of the forum eventually turned over to IntelBroker.
It’s not clear what the next step will be in the legal process, but the identities behind some of the dark web’s most notorious pseudonyms may soon be known.
