Authorities in the USA have charged a British nationwide, Kai Logan West, broadly identified on-line as “IntelBroker“, with a collection of high-profile knowledge breaches that collectively prompted no less than $25 million in damages to corporations worldwide. The 23-year-old was arrested in France in February 2025 and now faces extradition to the USA to face trial within the Southern District of New York.
As reported by Hackread.com, IntelBroker’s arrest was adopted by a number of others, together with 4 people linked to the ShinyHunters hacker group. Each IntelBroker and members of ShinyHunters have been concerned in administering and moderating the cybercrime and knowledge breach discussion board BreachForums.
The unsealed grievance (PDF), dated February 2025, lays naked the FBI’s two-year investigation into West’s cybercrime operations, connecting him to dozens of knowledge breaches, gross sales of stolen knowledge, and the management of a hacking collective working on clear and darkish net boards.
Who Is IntelBroker?
Utilizing aliases like “IntelBroker” and “Kyle Northern”, West constructed a fame on a transparent and darkish net discussion board identified within the indictment as “Discussion board‑1” ( BreachForums). Working beneath the banner of a hacking crew referred to as CyberN (previously “The Boys”), IntelBroker supplied hacked databases from authorities businesses, healthcare suppliers, telecommunications companies, and web service suppliers.
Between 2023 and early 2025, West authored no less than 158 threads providing stolen knowledge on Discussion board‑1, with 41 of them involving US corporations. The FBI notes that no less than $2 million price of Monero cryptocurrency was solicited for the stolen data.
In 2024, IntelBroker was listed because the “proprietor” of Discussion board‑1, and his fame skyrocketed as he gave away some knowledge leaks totally free to spice up credibility, collect a following, and appeal to patrons.
How the FBI Tracked Down IntelBroker
What West didn’t know was that FBI brokers have been watching carefully. The bureau deployed undercover officers posing as patrons on Discussion board‑1. On no less than two events, brokers bought stolen knowledge instantly from IntelBroker.
In January 2023, one agent purchased an API key and login credentials for an organization dubbed “Sufferer‑7.” Though the credentials have been restricted in worth, the transaction turned a key factor in monitoring his id when IntelBroker requested for cost in Bitcoin (as a substitute of Monero) and offered a pockets deal with that could possibly be traced on the blockchain.
FBI blockchain analysts adopted the cash and located that:
- The Bitcoin pockets used for the transaction had been seeded from one other pockets linked to an account on a monetary platform referred to as Ramp.
- That Ramp account was registered utilizing a UK provisional driving license issued to Kai Logan West.
- The identical id, Kai West, additionally owned a Coinbase account beneath the alias Kyle Northern, however with KYC verification; confirming it was the identical particular person.
Additional connecting the dots, each accounts have been linked to a Gmail deal with utilized by West for private issues, together with:
- Cloud-stored selfies
- Receipts and ID paperwork
- UK College Housing and Tuition communications
- Movies showcasing networking instruments like “GPRS Smash”
The e-mail additionally included a scholar certificates exhibiting West was enrolled in a Cyber Safety program.
On-line Footprints and Discussion board Exercise
West didn’t simply transact carelessly, he additionally uncovered himself by linking his on-line exercise to non-public behaviour. His IntelBroker posts on Discussion board‑1 typically referenced YouTube movies that he had simply seen from his private e-mail account, and he recurrently up to date his signature block to checklist members of his hacking group, which made it simpler to hint his involvement throughout a number of threads.
When Discussion board‑1 was seized and shut down in 2024 and relaunched, all previous posts inherited the up to date signature, making a constant path of West’s exercise and affiliations courting again to early 2023.
The Sufferer Record: Telecoms, Healthcare, ISPs
The indictment outlines no less than six victims, referred to solely as Sufferer‑1 by Sufferer‑6. Sufferer‑1, a telecom supplier, had knowledge exfiltrated and deleted from a internet hosting server in Manhattan, leading to injury estimated within the lots of of 1000’s.
Sufferer‑3, a municipal healthcare supplier, had the non-public and well being knowledge of over 56,000 people stolen, which West later offered to an undercover FBI agent for $1,000 in Monero. Sufferer‑6, an web service supplier, was compromised utilizing data from earlier leaks to breach an inside server.
In every case, West publicly supplied proof samples, negotiated gross sales by way of non-public messages, and accepted solely Monero to keep up anonymity, although the paper path caught up.
Nevertheless, since Hackread.com completely reported on IntelBroker’s knowledge breaches, here’s a complete checklist of knowledge breaches and leaks claimed by the hacker:
Right here is the checklist sorted from shortest to longest by character rely:
- AMD
- Apple
- Cisco
- Nokia
- US DoD
- Europol
- T-Cellular
- Robert Half
- Area Eyes
- Dwelling Depot
- Tech in Asia
- Common Electrical
- LA Intl. Airport
- HSBC & Barclays Financial institution
- Fb Market
- Weee! Grocery Service
- UAE’s Lulu Hypermarket
- US Federal Contractor Acuity
- Hewlett Packard Enterprise (HPE)
- MIT Know-how Evaluation Journal
- An unnamed however “Prime” Cybersecurity Agency
Prison Expenses
West has been charged with 4 federal offences:
- Wire fraud
- Conspiracy to commit wire fraud
- Conspiracy to commit laptop intrusions
- Accessing a protected laptop to defraud and procure worth
Every carries the potential for a number of years in jail, notably when involving well being knowledge or affecting vital infrastructure.
The FBI’s Particular Agent Carson Hughes and US Legal professional Jay Clayton emphasised the worldwide attain and hazard of IntelBroker’s operations. The FBI referred to as the case “a warning” to cybercriminals who consider on-line anonymity shields them from penalties.
Did IntelBroker Work for the UK’s Nationwide Crime Company?
Kai West introduced himself professionally as a cybersecurity researcher and operated beneath two separate identities on LinkedIn, one as Kyle Northern and the opposite as Ok West. This was first flagged by Nathaniel Fried, Co-founder and CEO at 0xbowio, who shared particulars of West’s twin profiles with Hackread.com.
Notably, the Kyle Northern profile claimed he labored as a Safety Researcher Trainee on the UK’s Nationwide Crime Company (NCA) from September to October 2019. If correct, this function may have concerned entry to categorized techniques, because the NCA offers with severe organized crime and nationwide safety. Whereas the NCA affiliation stays unverified, West’s claimed background in cybersecurity and his tutorial path counsel the chance shouldn’t be dismissed outright.
West in France because the US Seeks Extradition
West stays in French custody, and US officers are actively in search of extradition. If convicted, he may face a long time behind bars. In the meantime, Discussion board‑1 has been offline since April 2025, reportedly as a consequence of a MyBB zero-day vulnerability. A lot of its members have since migrated to different platforms, together with DarkForums and the Russian-language cybercrime discussion board XSS.
The publicity of IntelBroker stands out as a serious cybercrime takedown. What made it potential was a mixture of undercover FBI work, cryptocurrency monitoring, and even old-school e-mail proof, all of which helped monitor probably the most well-known figures on cybercrime boards.
