FBI arrests alleged BreachForums mastermind 'Pompompurin'
Conor Brian Fitzpatrick is said to have created BreachForums after the FBI seized the RaidForums dark web site
A New York man who allegedly ran the notorious dark web data-breach site "BreachForums," has been arrested by US federal agents.
Conor Brian Fitzpatrick, the alleged mastermind behind the cybercrime and who used the alias "Pompompurin," was apprehended at his home on Wednesday, according to FBI special agent John Longmire's sworn statement filed in the court.
A single charge of conspiracy to commit access device fraud has been levelled against Fitzpatrick.
Agent Longmire claimed in the court statement that Fitzpatrick confessed to being the owner of BreachForums and identifying himself as Pompompurin during his arrest.
"When I arrested the defendant on March 15, 2023, he stated to me in substance and in part that: a) his name was Conor Brian Fitzpatrick; b) he used the alias 'Pompompourin,' and c) he was the owner and administrator of 'BreachForums,' the data breach website referenced in the Complaint," Longmire said.
It is believed that Pompompurin was involved in several of the most prominent hacks in recent years, including multiple attacks targeting the FBI.
Pompompurin took credit in 2021 for breaking into the FBI's email systems and disseminating hundreds of fake cybersecurity alerts.
Pompompurin said that he was able to send fake FBI alerts by taking advantage of a security vulnerability in an FBI portal intended to exchange data with regional and local law enforcement agencies.
The FBI later admitted that a misconfiguration in their software had enabled someone to send the fraudulent emails.
Pompompurin is also linked to the 2022 breach of the FBI's InfraGard network, which led to the sale of 80,000 members' contact information on the dark web.
The agency temporarily deactivated the portal before requiring all InfraGard members to reapply for membership.
In addition to these breaches, Pompompurin is also linked to the 2021 Robinhood attack, which exposed the data of nearly seven million users.
BreachForums surfaced last year, about three weeks after a coordinated law enforcement effort took control of another cybercrime site RaidForums in March 2022.
RaidForums was a popular English-language cybercrime forum that offered access to billions of customer records stolen in some of the world's biggest data breaches since 2015.
As part of that operation, the federal agencies charged the suspected admin, Diogo Santos Coelho of Portugal, with six criminal counts.
Pompourin allegedly created BreachForums after the FBI took control of RaidForums.
"In the threat actor's welcoming thread, Pompompurin stated that they had created BreachForums as an alternative to RaidForums but that it was 'not affiliated with RaidForums in any capacity,'" cybersecurity firm Flashpoint said at the time.
BreachForums has subsequently grown to become the biggest data leak forum of its type, with hackers and ransomware gangs often using it to publish stolen data.
Last week, a threat actor utilised BreachForums to try to sell personal data of US lawmakers taken in a breach on DC Health Link, a healthcare provider for US House members, their employees, and their families.
While the FBI has been taking action against Pompourin, a recent post on the BreachForums implied that the site will stay operational under a new owner. The admin said they have full access to the site's infrastructure and would continue to run the forum.
According to Bloomberg, Fitzpatrick was freed on a $300,000 bail on Thursday and will appear in a Virginia court on March 24th.
Fitzpatrick has been prohibited from contacting his co-conspirators and from taking narcotic drugs or other controlled substances unless prescribed by a registered medical practitioner, in addition to being forbidden from acquiring a passport or other foreign travel document.