Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York


U.S. law enforcement authorities have arrested a 21-year-old New York man in connection with running the infamous BreachForums hacking forum under the online alias “Pompompurin.”

The development, first reported by Bloomberg Law, comes after News 12 Westchester, earlier this week, said that federal investigators “spent hours inside and outside of a home in Peekskill.”

“At one point, investigators were seen removing several bags of evidence from the house,” the New York-based local news service added.

According to an affidavit filed by the Federal Bureau of Investigation (FBI), the suspect identified himself as Conor Brian Fitzpatrick and admitted to being the owner of the BreachForums website.

“When I arrested the defendant on March 15, 2023, he stated to me in substance and in part that: a) his name was Conor Brian Fitzpatrick; b) he used the alias ‘pompompurin,’ and c) he was the owner and administrator of ‘BreachForums,’” FBI Special Agent John Longmire said.

Fitzpatrick has been charged with one count of conspiracy to solicit individuals with the purpose of selling unauthorized access devices.

The defendant was released a day later on a $300,000 bond signed by his parents and is scheduled to appear before the District Court for the Eastern District of Virginia on March 24, 2023.

Besides being barred from obtaining a passport or other international travel document, Fitzpatrick has been restricted from contacting his co-conspirators and using a narcotic drug or other controlled substances unless prescribed by a licensed medical practitioner.

BreachForums emerged last year three weeks after a coordinated law enforcement operation seized control of RaidForums in March 2022.

“In the threat actor’s welcoming thread, ‘pompompurin’ stated that they had created BreachForums as an alternative to RaidForums but that it was ‘not affiliated with RaidForums in any capacity,’” cybersecurity firm Flashpoint said at the time.


The forum has since attracted notoriety for hosting stolen databases belonging to several companies, often including sensitive personal information.

In the wake of Fitzpatrick’s arrest, another forum user named Baphomet said they were taking ownership of the website, noting that there is no evidence of “access or modifications to Breached infra.”

“My only response to [law enforcement], or any media outlet is that I have no concerns for myself at the moment,” Baphomet said in the announcement. “OPSEC has been my focus from day one, and thankfully I don’t think any mountain lions will be attacking me in my little fishing boat.”

The development comes as the Cyber Police of Ukraine announced the arrest of a 25-year-old developer who created a remote access trojan that infected over 10,000 computers under the guise of gaming apps.

Despite assurances to the contrary from a forum member named Baphomet, the BreachForums website is no longer accessible and returns the error message “502 – Bad Gateway.”


The Hacker News
