Regulation enforcement companies in the USA and France have seized management of domains linked to the infamous BreachForums hacking discussion board, generally used for the leaking of stolen information, and the sale of hacked credentials.
Nevertheless, observers are warning the takedown – though worthy and laudable – could also be extra symbolic than last, as a model of BreachForums on the darkish internet stays lively.
If you happen to go to breachforums.hn at this time you’ll be greeted by an animated seizure announcement, that includes the logos of the USA Division of Justice, FBI, France’s BL2C cybercrime unit, and Paris Prosecutor’s Workplace.
Fairly than the same old messageboard the place cybercriminals traded their wares, the location not factors to a specialist subdomain of the web site of the Web Grievance Heart (IC3), inviting victims and members of the hacking boards to go away data that would help in future crackdowns.
Sadly, for everybody who is not a cybercriminal – the underlying Tor-based leak web site on the darkish internet stays lively and may proceed for use to reveal delicate information.
Sadly additionally it is the case that there have been no confirmed arrests of BreachForums directors introduced publicly in co-ordination with the web site seizure, though it’s – in fact – all the time potential that the backup information seized may comprise logs and metadata that would present clues as to the identities of a few of the discussion board’s individuals.
A bullish assertion issued by the Scattered LAPSUS$ Hunters hacking collective confirmed that the authorities had seized management of BreachForums’ domains and backend servers, alongside backups of its databases stretching again to 2023.
Nevertheless, the group’s assertion went on to say that the seizure wouldn’t affect its risk to leak one billion data belonging to Salesforce prospects, scheduled for 23:59 EST tonight, 10 October 2025.
On the darkish internet, Scattered LAPSUS$ Hunters has listed scores of organisations whose Salesforce situations have been breached in current months, together with Adidas, Cartier, Chanel, Cisco, FedEx, IKEA, McDonald’s, Qantas Airways, Toyota, and Walgreens.
For its half, Salesforce has reportedly confirmed that it’s going to not pay a ransom.
What is not in any doubt is that the authorities have been enjoying whack-a-mole for a while with hacking message boards like BreachForums. Over the previous few years, regulation enforcement companies have repeatedly tried – and typically succeeded – in disrupting BreachForums and its predecessors. In April 2022, for example, the US Division of Justice shut down RaidForums and seized its area, paving the best way for BreachForums to emerge.
In March 2023, the discussion board’s founder Conor “Pompompurin” Fitzpatrick was arrested, and the location quickly taken offline.
Regardless of these and different takedowns in its historical past, BreachForums has repeatedly resurfaced beneath totally different domains or backends – highlighting simply how resilient underground cybercrime infrastructure may be.
