Regulation enforcement companies in the US and France have seized management of domains linked to the infamous BreachForums hacking discussion board, generally used for the leaking of stolen knowledge, and the sale of hacked credentials.
Nevertheless, observers are warning the takedown – though worthy and laudable – could also be extra symbolic than remaining, as a model of BreachForums on the darkish net stays energetic.
When you go to breachforums.hn in the present day you may be greeted by an animated seizure announcement, that includes the logos of the US Division of Justice, FBI, France’s BL2C cybercrime unit, and Paris Prosecutor’s Workplace.
Somewhat than the standard messageboard the place cybercriminals traded their wares, the positioning not factors to a specialist subdomain of the web site of the Web Grievance Heart (IC3), inviting victims and members of the hacking boards to go away info that would help in future crackdowns.
Sadly, for everybody who is not a cybercriminal – the underlying Tor-based leak web site on the darkish net stays energetic and may proceed for use to show delicate knowledge.
Sadly additionally it is the case that there have been no confirmed arrests of BreachForums directors introduced publicly in co-ordination with the web site seizure, though it’s – in fact – at all times attainable that the backup knowledge seized would possibly include logs and metadata that would present clues as to the identities of among the discussion board’s members.
A bullish assertion issued by the Scattered LAPSUS$ Hunters hacking collective confirmed that the authorities had seized management of BreachForums’ domains and backend servers, alongside backups of its databases stretching again to 2023.
Nevertheless, the group’s assertion went on to assert that the seizure wouldn’t affect its menace to leak one billion information belonging to Salesforce clients, scheduled for 23:59 EST tonight, 10 October 2025.
On the darkish net, Scattered LAPSUS$ Hunters has listed scores of organisations whose Salesforce cases have been breached in current months, together with Adidas, Cartier, Chanel, Cisco, FedEx, IKEA, McDonald’s, Qantas Airways, Toyota, and Walgreens.
For its half, Salesforce has reportedly confirmed that it’s going to not pay a ransom.
What is not in any doubt is that the authorities have been taking part in whack-a-mole for a while with hacking message boards like BreachForums. Over the previous few years, legislation enforcement companies have repeatedly tried – and generally succeeded – in disrupting BreachForums and its predecessors. In April 2022, as an illustration, the US Division of Justice shut down RaidForums and seized its area, paving the way in which for BreachForums to emerge.
In March 2023, the discussion board’s founder Conor “Pompompurin” Fitzpatrick was arrested, and the positioning quickly taken offline.
Regardless of these and different takedowns in its historical past, BreachForums has repeatedly resurfaced beneath completely different domains or backends – highlighting simply how resilient underground cybercrime infrastructure may be.
