The infamous cybercrime and hacker platform BreachForums has mysteriously resurfaced on its authentic darkish internet .onion area. The positioning seems to be totally restored, together with its infrastructure, user-leaked databases, official breach listings and discussion board posts.
In your info, in early April 2025, each the clearnet and darkish internet domains of BreachForums went offline with out clarification. Members speculated about attainable legislation enforcement motion or a discussion board seizure.
Then, on April 28, as reported by Hackread.com, the discussion board’s homepage was changed with a message stating {that a} MyBB 0-day vulnerability had left the positioning uncovered to infiltration makes an attempt by legislation enforcement, and it wanted to be taken offline till the problem was resolved. That was the final message earlier than BreachForums disappeared.
Admin N/A?
Nevertheless, earlier at this time, Hackread.com noticed that the platform’s .onion area had develop into lively once more, now beneath a brand new admin deal with, “N/A.” The id of “N/A” is unknown, however they declare the discussion board’s clearnet area was suspended by the registrar following complaints and stress from legislation enforcement.
Moreover, they declare the MyBB vulnerability has been mounted and that the discussion board was by no means compromised, with person knowledge remaining protected all through. “N/A” additionally addressed experiences in regards to the arrests of ShinyHunters members, denying that any authentic group members have been taken into custody.
In your info, after the arrest of former BreachForums administrator Conor Fitzpatrick, also referred to as Pompompurin, the discussion board reemerged beneath the management of the ShinyHunters group. Nevertheless, in June 2025, authorities claimed to have arrested members of ShinyHunters, together with IntelBroker, one other lively member who had additionally served because the group’s administrator.
“N/A” additionally denied ever giving admin entry to IntelBroker, claiming it was a part of a technique to divert legislation enforcement’s consideration away from the unique homeowners. Based on the assertion, IntelBroker by no means had administrative entry to the discussion board.
As XSS.IS Falls, BreachForums Reemerges
The return of BreachForums comes at a time when legislation enforcement is intensifying efforts in opposition to cybercrime. Lower than 24 hours in the past, in an operation referred to as “Operation Checkmate,” authorities seized the infrastructure of the BlackSuit ransomware group, together with two of its .onion domains.
Simply a few days in the past, the Russian-language cybercrime platform XSS.IS was seized following the arrest of its suspected administrator in Ukraine. Whereas its darkish internet area stays accessible, posts from admins and moderators counsel plans to revive the discussion board on different domains. In the meantime, the return of BreachForums presents yet one more problem for legislation enforcement businesses.
The return of BreachForums on the darkish internet, together with plans to revive its clearnet domains, could also be seen as excellent news inside cybercrime circles, however it raises critical questions. Is it a honeypot arrange by legislation enforcement? Who’s “N/A”? The place is the unique admin staff in the event that they haven’t been arrested? In case you are lively on BreachForums, sign up at your individual threat, and take into account quitting cybercrime for good.
