How the FBI Caught Hacker Pompompurin
Summary
TLDR: Pompompurin, the notorious hacker and owner of BreachForums, was arrested by the FBI after a series of opsec failures. Known for his high-profile cybercrimes and clashes with security researchers, his downfall came from mixing his real and online identities. The FBI traced him through a leaked database, his email, and IP addresses linked to his home. Now facing up to 20 years in prison, the future of BreachForums is uncertain as its second-in-command, 'Baphomet', struggles to maintain the site amidst fears of FBI infiltration.
Takeaways
- 😎 Pompompurin, known for using a Hello Kitty character, became a notorious figure in the cybercriminal world by running BreachForums, a major English-speaking blackhat forum.
- 🔍 The FBI tracked down Pompompurin through a slip-up in a private message on a seized forum, where he mentioned an email address that contained his real name, Conor Fitzpatrick.
- 📧 The FBI linked Pompompurin's real identity to a Google Pay account, which was connected to an IP address used for a Zoom account registered to an email address that Pompompurin used to log into BreachForums.
- 🏠 Google Pay accounts were linked to Pompompurin's home address, making it easy for the FBI to locate him.
- 👮♂️ After his arrest, Conor Fitzpatrick, also known as Pompompurin, admitted to being the owner and admin of BreachForums and was charged with conspiracy to solicit the selling of unauthorized access devices.
- 💰 Pompompurin's bail was set at $300,000, paid by his parents, and he could face up to 20 years in prison according to sentencing guidelines.
- 🛑 Following Pompompurin's arrest, the second in command of BreachForums, 'Baphomet', restricted and eventually banned Pompompurin's access to the forum due to security concerns.
- 🚨 Baphomet feared that the FBI could exploit Pompompurin's access to de-anonymize BreachForums' users, leading to the decision to shut down the forum.
- 🔄 Baphomet considered migrating to new infrastructure to keep the forum alive but later decided to shut down BreachForums completely due to evidence of FBI access to the forum's infrastructure.
- 🌐 The shutdown of BreachForums left its large user base without a platform, and Baphomet is in discussions to potentially build a new community with other forum admins.
- 🔄 The script highlights the cyclical nature of such forums, with the downfall of one often leading to the rise of another, as seen with the transition from RaidForums to BreachForums.
Q & A
Who is Pompompurin and what is his connection to the cyber criminal underworld?
-Pompompurin, also known as Conor Fitzpatrick, is a notorious hacker who rose to fame as the owner of BreachForums, one of the largest English-speaking blackhat forums on the internet, known for facilitating the sale of countless data breaches.
What is the significance of BreachForums in the context of cybercrime?
-BreachForums is significant as it has become one of the largest platforms for English-speaking cyber criminals, particularly for the sale and distribution of data breaches through its 'leaks market'.
How did Pompompurin's rivalry with NightLion Security's Vinny Troia escalate?
-The rivalry escalated through public clashes and a multi-year troll campaign initiated by Pompompurin, including hacking Vinny's Twitter account and falsely accusing him of being a pedophile by breaching the National Center for Missing and Exploited Children's database.
What was the turning point that led to Pompompurin's arrest?
-The turning point was Pompompurin's slip-up in a private message to 'Omnipotent' on RaidForums, where he mentioned an email address that the FBI later linked to his real identity, Conor Fitzpatrick.
How did the FBI identify Pompompurin's real identity?
-The FBI identified Pompompurin's real identity by analyzing a private message on RaidForums where he mentioned an email address that contained his real name, Conor Fitzpatrick. Further investigation linked this email to a Google Pay account and IP addresses associated with his online activities.
What was Pompompurin's reaction when he was arrested?
-Upon his arrest, Pompompurin, also known as Conor Brian Fitzpatrick, quickly accepted that the game was over and admitted to the FBI that he was Pompompurin and the owner and admin of BreachForums.
What charges did Pompompurin face after his arrest?
-Pompompurin was charged with 'conspiracy to solicit individuals with the purpose of selling unauthorized access devices,' which refers to means of accessing accounts, such as usernames and passwords.
How did the arrest of Pompompurin impact the operations of BreachForums?
-Following Pompompurin's arrest, the second in command, 'Baphomet,' restricted his access to the site and eventually banned him. Concerns about the FBI exploiting Pompompurin's access led to the decision to shut down BreachForums.
What was the role of 'Baphomet' in the aftermath of Pompompurin's arrest?
-'Baphomet' assumed control of BreachForums, initially restricting and then banning Pompompurin's access to the site. He also monitored logs for any unauthorized access or modifications to the forum's infrastructure.
What are the implications of the FBI's access to BreachForums' database?
-The implications are significant as it suggests that the FBI could potentially de-anonymize users of the forum, similar to what happened with RaidForums, which was transformed into an FBI honeypot after its seizure.
What is the future of the cyber criminal community that relied on BreachForums?
-With BreachForums shutting down, the community is left without a platform. However, it is likely that a new platform will emerge to fill the void, as the quarter of a million users seek a new home for their activities.