Telegram has updated their privacy policy. They will now cooperate with law enforcement if the individual is involved in a criminal case or violates Telegram's TOS.
They may disclose IP addresses used on your account as well as your linked phone number.
Hey cyber criminals,
Breachforums News
I’ve made contact with ‘aegis’ a site admin. I asked him if he would want to give a public statement on the current status of BF. This is what he said.
Looks like they aren’t planning as of now to rebuild BF. Baphomet seems to be the only one arrested so far.
Breach Forums Update
An individual obtained the Ring doorbell camera footage of former admin 'pompompurin' getting raided by the FBI in March of last year.
I've blurred the faces of agents and his mother for obvious reasons. All I ask is to please leave his family alone.
It's called character development
@CrowdStrike
Crowdstrike sends out an update and accidentally blue screens millions of computers across the globe, causing outages that last multiple days.
1 Month Later, Crowdstrike leaks the identity of one of the most wanted
TikTok has suffered a username exploit taking advantage of an old API endpoint.
In 2020 TikTok forced its users who had a space in their username to abide by their new username format rules. 4 years later a group of smart individuals figured out that if you use the old API
Why does every sim swapper feel obligated to buy bottle service at clubs and get signs with their @ on it?
Do they have some sort of life binding contract once they receive their cut that it has to be spent at the club?
Calling all cyber criminals please educate me!
🚨Breachforums Seized🚨
Popular hacking forum breachforums has allegedly been seized by law enforcement. I will keep you all updated on any further information.
thanks @riddll3 for the screenshot
The owner of BreachForums, 'IntelBroker' filmed a video with 'DuperTrooper' where they duplicated items on a pay to win Minecraft server in order to disrupt their in game economy.
One of the most random videos to have popped up in my recommended.
sunhost[.]io has been seized by LE
It was an Iranian bulletproof hosting provider. Not much public news about this takedown. I will provide more information later.
A fake uBlock Origin extension is being featured on the Chrome Web Store. Over 700,000 people using it.
The real uBlock extension is made by Raymond Hill, and has 34,000,000 users.
Fake:
User @vxdb is not associated with vx-underground. They just by chance have the letters "vx" in their name.
We have no affiliation with them.
Please stop asking us about their posts because we have no idea.
But, it is a cool Twitter handle though
USDoD has been arrested in Brazil today. He was most known for the National Public Data breach a few months ago.
His identity has been known for some time now after his conflict with Crowdstrike.
The Brazilian Police launched 'Operation Data Breach' (horrible name c'mon) this
🚨Incognito Market Admin Arrested🚨
The United States DoD just announced the arrest of market admin ‘Pharoh’.
LE is on a roll the past couple months.
More updates later on as I dive into this indictment.
Thanks to @DoingFedTime for sharing the image below.
A furious preteen on Discord logged into his botnet today, and my little blog felt his wrath.
I will never be able to financially recover from this state sponsored attack.
BreachForums is under new administration for the 5th time since its inception. Well known threat actor ‘IntelBroker’ has taken ownership of the site for the foreseeable future.
Some of the old staff members have self banned their accounts as shown in the pictures below.
I’m
This is a treasure trove of data.
- Almost 6M lines total
- Private messages between users
- Hundreds of thousands of entries including IP addresses
- MyBB Session entries
All credit goes to 'emo' for leaking this
The Russian communications regulator has banned Discord for failing to comply with their laws.
Discord has yet to comment on the situation.
@endermanch compiled a list of domains that are currently blocked by all Russian ISPs.
Fortinet, a well respected cybersecurity company, has had 440GB of data stolen from their Microsoft SharePoint server.
The threat actor ‘Fortibitch’ posted that he had stolen the data and tried to extort the company into paying a ransom but Fortinet refused.
Fortinet has yet to
Two adults were just indicted for their involvement in a $230M crypto heist.
Malone Lam aka “Anne Hathaway” and Jeandiel Serrano aka “SkidStar” (Very sophisticated hackers of course) were arrested last night in Florida.
They tried to launder the stolen funds using mixing
Discord is working on an End-to-end encryption voice chat feature.
From what it looks like this is more of a marketing ploy than actually caring about user privacy. Nothing is stopping them from faking the key exchange and making it seem like your call is encrypted when it's not.
Archive[.]org has suffered a data breach. No details on the severity of the data or what has been stolen. The actor proceeds to shout out @haveibeenpwned.
The website isn’t reachable for me, so no screenshot for you.
Well known troll on breachforums 'thekilob' was arrested in Rome today.
He was found with two 3D printed guns as well as videos of executions and CP on his computer. He is a self proclaimed Neo-Nazi.
What a sick individual.
src: emo - t[.]me/explain
The admins at Archetype Market hosted a scavenger hunt this weekend all around Las Vegas for Defcon attendees.
The prize was $10,000 in XMR to whoever could crack the puzzle.
(nobody claimed it lol)
The gay furry hackers are back (SiegedSec). 'Vio' has launched his own blog. The first post was published today, "guide to hacking and opsec".
cybercrime[.]sbs
This morning the FBI conducted a raid on Carahsoft Headquarters.
Carahsoft sells IT hardware and software to federal, state and local governments as well as any other businesses in the public sector.
The alleged reason for this raid is that the FBI is probing a business
Popular pirated live sports streaming service StreamEast had one of their domains seized.
Streameast[.]xyz (and some others)
They responded immediately ensuring users that they are not going anywhere. “We have more domains than Apple and Google combined”
A little over 24 hours until Law Enforcement releases more information about Operation Cronos. It seems that they have made more arrests in the UK and France, as well as possible server seizures in Spain.
Sorry to say, is under a ddos attack. The data is not affected, but most services are unavailable.
We are working on it. This thread will have updates.
1/ An investigation into how Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano) stole $243M from a single person last month in a highly sophisticated social engineering attack and my efforts which have helped lead to multiple arrests and millions frozen.
🚨Final Doxbin Update🚨 (hopefully)
I’ve been speaking with ‘demeter’, the current site admin, and he wanted to clear up all the misinformation surrounding Doxbin. Here’s what he had to say.
PGP signed message:
@genocide
In July of 2022, the automated email marketing platform Klaviyo was breached. The threat actor was able to steal names, emails, phone numbers, and other information specific to the customer.
Out of the 40+ companies that were affected by this breach, LunarClient a popular
Popular Crypto Exchange @krakenfx was hacked. An unknown threat actor used a zero-day vulnerability to steal $3 million in crypto.
The vulnerability allowed the TA to initiate a deposit and receive funds without fully completing the deposit.
Breachforums[.]st was placed on the @spamhaus Domain Blacklist. You are no longer able to register an account due to email providers not receiving mail from the domain.
Today the United States placed sanctions and indictments against two Russian cybercriminals.
This first individual known as 'Taleon' owns the crypto currency exchange Cryptex, which has become one of the largest money laundering networks in Russia. They failed to comply with AML
The hosting provider that vxdb[.]sh is hosted on is currently dealing with a network wide outage to their backend.
My VPS is still online but the provider's website, user panels, etc. are all offline.
This means nothing to you guys but I need to vent somehow. ;)
happy monday
How Dennis was caught:
On January 7, 2022, a deposit of roughly 22.7 BTC ($930,000) was made to a known Karakurt address. This is alleged to be an undocumented ransom payment.
Almost immediately after the payment was received it was split into different chunks and sent to
Last year the US and Georgia (The country) met to negotiate a bilateral extradition treaty.
It seems that Deniss Zolotarjovs aka 'Sforza_cesarini', a member of the Karakurt ransomware gang was not aware that his country is working in collaboration with the US.
On Tuesday
It seems like the public has finally noticed the NPD breach.
Yes, around 2.9B people have been affected. From what I've seen there are a lot of duplicate lines, so that number could be off by a sizeable amount.
Check if your info was leaked courtesy of @0dayCTF
Doxbin update #2
I'm probably late to this but it's still interesting.
Doxbin[.]com has updated their offline landing page with some nice french music. I might add it to my playlist.
HugBunter (Dread Admin) shares his thoughts on the arrest of Telegram founder Pavel Durov.
"This is game over news, looks like they are seeking to take down all illegal sales through TG. I suggest everyone to contact any vendors you know are active on TG and make them aware of
BreachLounge/Jacuzzi 3.0, the BF Telegram channel, has been deleted. I'm really starting to think that this is the end of BF. The site is still offline, and staff isn't giving any answers on what's going on.
Ok maybe the French authorities are onto something.
I was grabbing something to eat at a local sandwich place, and the guy at the register was on his phone. I took a glance at what he was doing once he put it down, he was in a Telegram channel that was selling weed. Lmao.
is
BF owner 'ShinyHunters' retired last night along with admin 'Hollow'.
Can't see the forum lasting more than a couple months after this.
@EquationCorp will handle this.
Breachforums Update #513
Shinyhunters, the owner who took over in conjunction with baphomet after the arrest of pompompurin, has left the forum altogether, after losing interest. The site ownership will be transferred to someone else, but who knows how long that will last.
The Breachforums 1.0 database has been leaked publicly by ‘emo’ in his telegram channel.
This is from the breached[.]co era before admin ‘pompompurin’ was arrested.
Please update OpenSSH immediately. CVE-2024-6387 allows for RCE on glibc-based Linux systems. An estimated 20 million systems are currently vulnerable to this exploit.
This is the first OpenSSH vulnerability in almost 20 years.
src:
The arrest of the Bohemia Darknet Market admin(s) last week is a big win for Law Enforcement.
This is the 4th arrest pertaining to a Darknet Market admin within the last year.
Bohemia Market - August 2024
Empire Market ('Dopenugget' and 'Sydney') - June 2024
Incognito Market
Regarding my last tweet on the LockBit situation. Law Enforcement has since released a document outlining the operation of ‘Evil Corp’ and their involvement with LockBit.
They go into detail about their evolution as a group, as well as their accomplishments and activities.
How to Farm Engagement 101:
1) See a post on twitter about a security flaw
2) Skim the post quickly
3) Ask ChatGPT to write an article for you
4) Publish the article that doesn’t describe at all what happened.
Is Signal Messenger Compromised?
Yesterday, a new vulnerability in Signal Messenger was found by @mysk_co developer.
What are the Problems?
Problem 1.
Messages are kept in an encrypted file, however the local encryption key is stored in plain text in a file called config.json.
The City of Columbus Ohio sues a security researcher over downloading data from the Rhysida group.
On July 18 2024, the city of Columbus Ohio was hit with a ransomware attack taken out by notorious group 'Rhysida'. After 2 weeks of negotiation the two parties did not come to an
🚨Operation Endgame🚨
Europol targeted botnets such as Trickbot, Pikabot, and Smokeloader.
Over 100 servers have been seized. 4 arrests have been made so far, as well as the takedown of over 2,000 domains.
Goodbye pink anime pfp.
Hello Memoji that somewhat looks like me.
It’s really late at night and I felt the urge to change my profile picture. You can go back to bed now.
Popular torrent site 'TorrentGalaxy' is currently offline. The staff has left a message stating, 'Updates will be posted in case of any changes.'
Some speculate the downtime may be related to law enforcement pressure with anti-piracy laws.
@vxunderground
@BleepinComputer
@SOSIntel
The Telegram channel has now been wiped of all messages. The channel owner left their final message. A picture of a Christian cross and a Jesus meme.
DrugHub, one of the largest DNMs announces on Dread that they have completed their merge with Supermarket. All vendors and users with a valid PGP key now have an account on DrugHub.
This doesn’t look good for BF. Since the arrest of former admin pompompurin, the forum has lost its credibility.
Site is currently offline both on tor and clearnet.
I’ll tweet whenever a statement releases on the interwebs from staff.
Breachforums Update
BreachChat, the public Telegram channel, has been deleted along with the ShinyHunters account.
Staff member ‘Aegis’ announced it on his telegram channel.
dispossessor[.]com has been "repossessed" by Law Enforcement.
Dispossessor/Radar ransomware group was an alleged affiliate of the infamous LockBit gang. They have been known to use LockBit Builder in their attacks.
More later
credit: @aejleslie