On June 25, 2025, French authorities introduced<\/a> that 4 members of the ShinyHunters (also referred to as ShinyCorp) cybercriminal group have been arrested in a number of French areas for cybercrime actions and involvement within the English-language underground discussion board often known as BreachForums. The coordinated international legislation enforcement effort concentrating on the \u2018ShinyHunters\u2019, \u2018Hole\u2019, \u2018Noct\u2019, and \u2018Depressed\u2019 personas adopted the February arrest<\/a> of Kai West (also referred to as \u2018IntelBroker\u2019), who beforehand administered BreachForums.<\/p>\n

The ShinyHunters risk group has been energetic since 2020 and has compromised organizations in industries comparable to telecommunications, e-commerce, know-how, and retail. The group is understood for promoting stolen knowledge solely on RaidForums and BreachForums. The ShinyHunters persona was a key participant in these boards as a contributor and administrator.<\/p>\n

Since its authentic creation as RaidForums in 2015, BreachForums had been taken down quite a few occasions and had been administered by a number of personas. Desk 1 lists a timeline of notable occasions within the discussion board\u2019s historical past.<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Date<\/strong><\/td>\n Occasion<\/strong><\/td>\n Element<\/strong><\/td>\n<\/tr>\n
March 19, 2015<\/td>\n RaidForums launch<\/td>\n Diogo Santos Coelho (also referred to as \u2018All-powerful\u2019) based
RaidForums. It turned one of many largest knowledge leak boards, peaking
at over 530,000 customers.<\/td>\n<\/tr>\n
January 31, 2022<\/td>\n Arrest<\/td>\n Coelho was arrested within the UK on the request of U.S. authorities.<\/td>\n<\/tr>\n
February 25, 2022<\/td>\n Discussion board offline<\/td>\n RaidForums turned inaccessible, and a suspected
credential-harvesting clone appeared.<\/td>\n<\/tr>\n
March 4, 2022<\/td>\n BreachForums (v1)
launch<\/td>\n Conor Fitzpatrick (also referred to as \u2018Pompompurin\u2019) launched
BreachForums as a successor to RaidForums.<\/td>\n<\/tr>\n
April 12, 2022<\/td>\n Area seizures<\/td>\n U.S. authorities introduced the seizure of RaidForums domains as
a part of Operation TOURNIQUET.<\/td>\n<\/tr>\n
March 15, 2023<\/td>\n Arrest<\/td>\n Fitzpatrick was arrested in Peekskill, New York.<\/td>\n<\/tr>\n
March 21, 2023<\/td>\n Discussion board offline<\/td>\n An administrator often known as \u2018Baphomet\u2019 shut down the discussion board, citing
considerations about legislation enforcement actions.<\/td>\n<\/tr>\n
June 12, 2023<\/td>\n BreachForums (v2)
launch<\/td>\n The ShinyHunters persona and Baphomet relaunched BreachForums (breachforums . vc).<\/td>\n<\/tr>\n
June 18, 2023<\/td>\n Discussion board compromise<\/td>\n BreachForums was compromised by \u2018OnniForums\u2019, and knowledge of
roughly 4,000 members was leaked.<\/td>\n<\/tr>\n
Could 15, 2024<\/td>\n Area seizures<\/td>\n U.S. authorities seized a number of BreachForums domains.<\/td>\n<\/tr>\n
Could 29, 2024<\/td>\n BreachForums (v3)
launch<\/td>\n BreachForums resurfaced (breachforums . st). Customers suspected that
it was a honeypot, however it was ultimately deemed reputable.<\/td>\n<\/tr>\n
June 14, 2024<\/td>\n Management change<\/td>\n ShinyHunters retired, and \u2018Anastasia\u2019 assumed possession.<\/td>\n<\/tr>\n
August 1, 2024<\/td>\n Management change<\/td>\n IntelBroker assumed management.<\/td>\n<\/tr>\n
January 1, 2025<\/td>\n Management change<\/td>\n IntelBroker resigned as proprietor, and Anastasia continued because the discussion board administrator.<\/td>\n<\/tr>\n
February 2025<\/td>\n Arrest<\/td>\n Worldwide legislation enforcement arrested Kai West (IntelBroker) in
France.<\/td>\n<\/tr>\n
April 28, 2025<\/td>\n Discussion board offline<\/td>\n Regardless of quite a few claims and rumors, it’s unclear if the discussion board
directors, one other risk group, or legislation enforcement was chargeable for the disappearance.<\/td>\n<\/tr>\n
June 4, 2025<\/td>\n BreachForums (v4)
launch<\/td>\n ShinyHunters relaunched the discussion board (breach-forums . st).<\/td>\n<\/tr>\n
June 9, 2025<\/td>\n Discussion board on the market<\/td>\n ShinyHunters introduced the discussion board was on the market.<\/td>\n<\/tr>\n
June 22, 2025<\/td>\n Arrests<\/td>\n French authorities arrested members of the ShinyHunters risk
group throughout a coordinated legislation enforcement operation.<\/td>\n<\/tr>\n
June 25, 2025<\/td>\n Federal fees<\/td>\n U.S. authorities unsealed an indictment charging Kai West
(IntelBroker) with a number of cybercrimes.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
Desk 1: Timeline of main BreachForums occasions.<\/em><\/p>\n
The ShinyHunters persona partnered with Baphomet to relaunch the second occasion of BreachForums (v2) in June 2023 and later launched the June 2025 occasion (v4) alone. The interim model (v3) abruptly disappeared in April 2025, and the trigger is unclear. \u2018Darkish Storm Group\u2019 claimed that it took the discussion board down through a distributed denial of service (DDoS) assault (see Determine 1). Different personas reported that the Qilin ransomware operators prompted the outage in retaliation for his or her ban from BreachForums. Rumors additionally circulated that legislation enforcement was accountable.<\/p>\n
$\"Screenshot$ <\/a><\/p>\n
Determine 1: Darkish Storm claiming accountability for the BreachForums takedown. (Supply: X)<\/em><\/p>\n
On June 4, Counter Menace Unit\u2122 (CTU) researchers recognized the relaunch of BreachForums (v4) underneath the administration of the ShinyHunters persona. One of many first posts was purportedly by IntelBroker, a distinguished BreachForums contributor who took management of BreachForums (v3) in 2024. The persona maintained a status for promoting entry to database dumps and compromised programs and was related to cybercrime teams CNZ (redacted) and GOLD PUMPKIN (also referred to as HELLCAT). In January 2025, they stepped down as BreachForums\u2019 proprietor (see Determine 2), and rumors<\/a> of their arrest circulated. These rumors have been confirmed on June 25, when the U.S. Division of Justice (DOJ)\u00a0introduced<\/a><\/u>\u00a0the unsealing of an indictment towards Kai West, who operated underneath the IntelBroker alias. West was arrested in February, so the June BreachForums publish was submitted by somebody impersonating the persona.<\/p>\n
$\"Screenshot$ <\/a><\/p>\n
Determine 2: IntelBroker saying resignation as BreachForums proprietor. (Supply: X)<\/em><\/p>\n
The BreachForums (v4) relaunch was short-lived. On June 9, the bulletin board displayed a discover that it was closed and that the discussion board was on the market for $2,500 USD (see Determine 3). The message explicitly warned scammers to \u201ckeep away\u201d. The ShinyHunters members have been arrested two weeks later.<\/p>\n
$\"Screenshot$ <\/a><\/p>\n
Determine 3: ShinyHunters promoting BreachForums on the market. (Supply: BreachForums)<\/em><\/p>\n
As of this publication, BreachForums stays offline. The discussion board\u2019s future is unclear, however the sample of relaunches could proceed.<\/p>\n
These arrests replicate rising legislation enforcement stress on cybercriminal infrastructure and operations. Within the U.S. Division of Justice announcement in regards to the arrest and indictment of Kai West, FBI Assistant Director in Cost Christopher G. Raia acknowledged that the arrests \u201cought to function a warning to anybody pondering they’ll disguise behind a keyboard and commit cybercrime with impunity; the FBI will discover and maintain you accountable irrespective of the place you might be.\u201d CTU\u2122 researchers proceed to observe legislation enforcement actions and their affect on the cybercrime panorama.<\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":"
On June 25, 2025, French authorities introduced that 4 members of the ShinyHunters (also referred to as ShinyCorp) cybercriminal group have been arrested in a number of French areas for cybercrime actions and involvement within the English-language underground discussion board often known as BreachForums. The coordinated international legislation enforcement effort concentrating on the \u2018ShinyHunters\u2019, \u2018Hole\u2019, […]<\/p>\n","protected":false},"author":2,"featured_media":4016,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[2435,121,3670,120],"class_list":["post-4014","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breachforums","tag-news","tag-shine","tag-sophos"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4014","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4014"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4014\/revisions"}],"predecessor-version":[{"id":4015,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4014\/revisions\/4015"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/4016"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

Date<\/strong><\/td>\n	Occasion<\/strong><\/td>\n	Element<\/strong><\/td>\n<\/tr>\n
March 19, 2015<\/td>\n	RaidForums launch<\/td>\n	Diogo Santos Coelho (also referred to as \u2018All-powerful\u2019) based RaidForums. It turned one of many largest knowledge leak boards, peaking at over 530,000 customers.<\/td>\n<\/tr>\n
January 31, 2022<\/td>\n	Arrest<\/td>\n	Coelho was arrested within the UK on the request of U.S. authorities.<\/td>\n<\/tr>\n
February 25, 2022<\/td>\n	Discussion board offline<\/td>\n	RaidForums turned inaccessible, and a suspected credential-harvesting clone appeared.<\/td>\n<\/tr>\n
March 4, 2022<\/td>\n	BreachForums (v1) launch<\/td>\n	Conor Fitzpatrick (also referred to as \u2018Pompompurin\u2019) launched BreachForums as a successor to RaidForums.<\/td>\n<\/tr>\n
April 12, 2022<\/td>\n	Area seizures<\/td>\n	U.S. authorities introduced the seizure of RaidForums domains as a part of Operation TOURNIQUET.<\/td>\n<\/tr>\n
March 15, 2023<\/td>\n	Arrest<\/td>\n	Fitzpatrick was arrested in Peekskill, New York.<\/td>\n<\/tr>\n
March 21, 2023<\/td>\n	Discussion board offline<\/td>\n	An administrator often known as \u2018Baphomet\u2019 shut down the discussion board, citing considerations about legislation enforcement actions.<\/td>\n<\/tr>\n
June 12, 2023<\/td>\n	BreachForums (v2) launch<\/td>\n	The ShinyHunters persona and Baphomet relaunched BreachForums (breachforums . vc).<\/td>\n<\/tr>\n
June 18, 2023<\/td>\n	Discussion board compromise<\/td>\n	BreachForums was compromised by \u2018OnniForums\u2019, and knowledge of roughly 4,000 members was leaked.<\/td>\n<\/tr>\n
Could 15, 2024<\/td>\n	Area seizures<\/td>\n	U.S. authorities seized a number of BreachForums domains.<\/td>\n<\/tr>\n
Could 29, 2024<\/td>\n	BreachForums (v3) launch<\/td>\n	BreachForums resurfaced (breachforums . st). Customers suspected that it was a honeypot, however it was ultimately deemed reputable.<\/td>\n<\/tr>\n
June 14, 2024<\/td>\n	Management change<\/td>\n	ShinyHunters retired, and \u2018Anastasia\u2019 assumed possession.<\/td>\n<\/tr>\n
August 1, 2024<\/td>\n	Management change<\/td>\n	IntelBroker assumed management.<\/td>\n<\/tr>\n
January 1, 2025<\/td>\n	Management change<\/td>\n	IntelBroker resigned as proprietor, and Anastasia continued because the discussion board administrator.<\/td>\n<\/tr>\n
February 2025<\/td>\n	Arrest<\/td>\n	Worldwide legislation enforcement arrested Kai West (IntelBroker) in France.<\/td>\n<\/tr>\n
April 28, 2025<\/td>\n	Discussion board offline<\/td>\n	Regardless of quite a few claims and rumors, it’s unclear if the discussion board directors, one other risk group, or legislation enforcement was chargeable for the disappearance.<\/td>\n<\/tr>\n
June 4, 2025<\/td>\n	BreachForums (v4) launch<\/td>\n	ShinyHunters relaunched the discussion board (breach-forums . st).<\/td>\n<\/tr>\n
June 9, 2025<\/td>\n	Discussion board on the market<\/td>\n	ShinyHunters introduced the discussion board was on the market.<\/td>\n<\/tr>\n
June 22, 2025<\/td>\n	Arrests<\/td>\n	French authorities arrested members of the ShinyHunters risk group throughout a coordinated legislation enforcement operation.<\/td>\n<\/tr>\n
June 25, 2025<\/td>\n	Federal fees<\/td>\n	U.S. authorities unsealed an indictment charging Kai West (IntelBroker) with a number of cybercrimes.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n Desk 1: Timeline of main BreachForums occasions.<\/em><\/p>\n The ShinyHunters persona partnered with Baphomet to relaunch the second occasion of BreachForums (v2) in June 2023 and later launched the June 2025 occasion (v4) alone. The interim model (v3) abruptly disappeared in April 2025, and the trigger is unclear. \u2018Darkish Storm Group\u2019 claimed that it took the discussion board down through a distributed denial of service (DDoS) assault (see Determine 1). Different personas reported that the Qilin ransomware operators prompted the outage in retaliation for his or her ban from BreachForums. Rumors additionally circulated that legislation enforcement was accountable.<\/p>\n $\"Screenshot$ <\/a><\/p>\n Determine 1: Darkish Storm claiming accountability for the BreachForums takedown. (Supply: X)<\/em><\/p>\n On June 4, Counter Menace Unit\u2122 (CTU) researchers recognized the relaunch of BreachForums (v4) underneath the administration of the ShinyHunters persona. One of many first posts was purportedly by IntelBroker, a distinguished BreachForums contributor who took management of BreachForums (v3) in 2024. The persona maintained a status for promoting entry to database dumps and compromised programs and was related to cybercrime teams CNZ (redacted) and GOLD PUMPKIN (also referred to as HELLCAT). In January 2025, they stepped down as BreachForums\u2019 proprietor (see Determine 2), and rumors<\/a> of their arrest circulated. These rumors have been confirmed on June 25, when the U.S. Division of Justice (DOJ)\u00a0introduced<\/a><\/u>\u00a0the unsealing of an indictment towards Kai West, who operated underneath the IntelBroker alias. West was arrested in February, so the June BreachForums publish was submitted by somebody impersonating the persona.<\/p>\n $\"Screenshot$ <\/a><\/p>\n Determine 2: IntelBroker saying resignation as BreachForums proprietor. (Supply: X)<\/em><\/p>\n The BreachForums (v4) relaunch was short-lived. On June 9, the bulletin board displayed a discover that it was closed and that the discussion board was on the market for $2,500 USD (see Determine 3). The message explicitly warned scammers to \u201ckeep away\u201d. The ShinyHunters members have been arrested two weeks later.<\/p>\n $\"Screenshot$ <\/a><\/p>\n Determine 3: ShinyHunters promoting BreachForums on the market. (Supply: BreachForums)<\/em><\/p>\n As of this publication, BreachForums stays offline. The discussion board\u2019s future is unclear, however the sample of relaunches could proceed.<\/p>\n These arrests replicate rising legislation enforcement stress on cybercriminal infrastructure and operations. Within the U.S. Division of Justice announcement in regards to the arrest and indictment of Kai West, FBI Assistant Director in Cost Christopher G. Raia acknowledged that the arrests \u201cought to function a warning to anybody pondering they’ll disguise behind a keyboard and commit cybercrime with impunity; the FBI will discover and maintain you accountable irrespective of the place you might be.\u201d CTU\u2122 researchers proceed to observe legislation enforcement actions and their affect on the cybercrime panorama.<\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":" On June 25, 2025, French authorities introduced that 4 members of the ShinyHunters (also referred to as ShinyCorp) cybercriminal group have been arrested in a number of French areas for cybercrime actions and involvement within the English-language underground discussion board often known as BreachForums. The coordinated international legislation enforcement effort concentrating on the \u2018ShinyHunters\u2019, \u2018Hole\u2019, […]<\/p>\n","protected":false},"author":2,"featured_media":4016,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[2435,121,3670,120],"class_list":["post-4014","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breachforums","tag-news","tag-shine","tag-sophos"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4014","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4014"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4014\/revisions"}],"predecessor-version":[{"id":4015,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4014\/revisions\/4015"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/4016"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}