BreachForums, a notorious online forum on the dark web known for its thriving cybercrime community, has recently come under scrutiny as investigators uncovered the illegal products and services being peddled on this digital black market.
Originally launched as RaidForums in 2015 by Portuguese hacker Diogo Santos Coelho, this forum initially focused on ‘raiding’ websites and online spaces for the purpose of pranking and trolling. However, as hackers on the site began breaching social media platforms and websites, stealing millions of user credentials, they transitioned into selling these stolen credentials to the highest bidder.
One significant incident that highlighted the activity on BreachForums was the breach of Binance in February 2024, where user KYC details were first offered for sale on the forum. Similarly, leaked Bitcoin ATM code used in El Salvador made its way onto BreachForums in April of the same year. This led to international law enforcement agencies collaborating to seize the website and arrest founder Diogo Santos Coelho, who is currently in UK custody facing charges of cybercrime.
Despite several seizures and attempts to shut down the forum, BreachForums resurfaced under different users, with the latest owner being identified as Baphomet. The FBI seized the forum again in May 2024, but clone versions have since emerged, indicating the resilience of this criminal network.
Upon gaining access to BreachForums, it became evident that the platform was a hub of illegal activities. Users were seen offering services of violent criminal organizations, stolen data, tutorials on fraud, IP tracking, and more. The marketplace buzzed with sellers offering access to compromised accounts, including online streaming platforms, breached OnlyFans accounts, and leaked email logins of high-ranking corporate executives.
Moreover, the forum showcased a wide range of services for hire, with cybercriminals offering DDoS attacks, remote access to victim’s computers, phone number services for illegal account activations, bulk email senders for malicious campaigns, and email flooders to disrupt an enemy’s inbox with spam.
While some services may be legitimate, the forum’s susceptibility to scams and fraudulent activities is a concern. Users reported falling victim to scams where they paid for illegal services but never received the promised goods. Escrow payments were accepted by some vendors, indicating a level of trust between buyers and sellers, although scams were still prevalent.
The dark web criminals involved in buying and selling stolen data typically aim to commit identity theft, financial fraud, extortion, or blackmail using the acquired information. While the dark web presents significant risks, users on the clearnet can enhance their online safety by implementing security measures like two-factor authentication and verifying URLs to prevent falling prey to cyber attacks.
In conclusion, BreachForums remains a hotspot for cybercriminal activities despite law enforcement’s efforts to shut it down. The dark web, with its illicit offerings and potential dangers, serves as a reminder of the importance of cybersecurity measures and cautious online behavior. Visit the dark web at your own risk, or rely on sources like us to keep you informed about its underworld activities.