The founder and operator of BreachForums, Conor Brian Fitzpatrick, received a sentence of time served and 20 years of supervised release for his involvement in running the cyber crime website.

Fitzpatrick, who used the online nickname “pompompurin,” was captured in March 2023 in New York and faced charges of conspiracy to commit access device fraud and possession of child pornography. He was later freed on a $300,000 bond, and in July 2023, he admitted to the charges.

BreachForums was a major online platform for trading stolen data since March 2022. Before it was shut down a year later, the website had over 340,000 members.

The website offered various types of stolen data, such as bank account information, Social Security numbers, personally identifying information (PII), hacking tools, breached databases, and account login information for hacked online accounts with service providers and merchants.

BreachForums also promoted services for accessing victim systems without authorization. The website affected millions of U.S. citizens and hundreds of U.S. and foreign companies, organizations, and government agencies.

Fitzpatrick also ran a “Leaks Market,” where he acted as a trusted intermediary (i.e., escrow) between users on the website who wanted to exchange hacked or stolen data, tools, and other illegal material.

“Fitzpatrick also allegedly operated an ‘Official’ databases section where BreachForums directly sold access to verified hacked databases through a “credits” system managed by the platform,” the U.S. Department of Justice stated.

Court records obtained by DataBreaches.net indicate that Fitzpatrick’s mental health may have influenced his sentence. Prosecutors suggested a 15-year prison term for the defendant a day before sentencing.

The 21-year-old is expected to spend the first two years of supervised release on house arrest with a GPS location tracker and receive mental health treatment. He has also been ordered to avoid using the internet for the first year and register with the state sex offender registration agency in any state where he lives.

The amount of restitution Fitzpatrick has to pay for victims’ losses has not been decided yet. Earlier this month, Fitzpatrick was imprisoned for breaking the terms of his pre-sentencing release by using an unmonitored computer and a virtual private network (VPN).

However, the illegal service did not stop after law enforcement seized the domains in March 2023. In June 2023, BreachForums was revived by the notorious ShinyHunters group, who were previously active on the Raid Forums, the takedown of which led to the launch of BreachForums.

A Russian citizen, Alexander Ermakov, who goes by various online aliases, has been sanctioned by the governments of Australia, the U.K., and the U.S. for his involvement in a major cyberattack on Medibank, an Australian health insurance provider, in 2022.

Ermakov is accused of hacking into the Medibank network and stealing and leaking the personal and medical data of about 9.7 million current and former customers of the company. The data breach was carried out by the REvil ransomware gang, which has since ceased operations.

The sanctions prohibit anyone from dealing with Ermakov’s assets, including cryptocurrency wallets or ransomware payments, and impose a travel ban on him. Anyone who violates the sanctions could face up to 10 years in prison.

The U.K. government said the sanctions are part of their efforts to combat the malicious cyber activities of Russia, which threaten the security and prosperity of the U.K. and its allies.

The U.S. Treasury Department also criticized Russia for harboring and supporting cyber criminals who launch ransomware attacks against the U.S. and other countries, targeting their businesses and critical infrastructure. The Treasury Department urged Russia to take action to stop cyber criminals from operating freely in its territory.

“Russian cyber actors continue to launch disruptive ransomware attacks against the United States and allied countries, targeting our businesses, including critical infrastructure, to steal sensitive data,” said Under Secretary of the Treasury Brian E. Nelson.

“This action demonstrates that the United States stands with our partners to disrupt ransomware actors who victimize the backbone of our economies and critical infrastructure,” the Treasury Department said.

In order to carry out sextortion attacks, the Federal Bureau of Investigation (FBI) is warning of a growing trend of malicious actors creating deepfake content.

Sextortion is a form of online blackmail in which nefarious individuals threaten their victims by publicly leaking explicit images and videos that they have obtained through coercion or hacking, typically in exchange for financial compensation.

The threat actors only pretend to have access in many instances of sextortion in order to frighten victims into paying an extortion demand.

The FBI warns that sextortionists are now scraping innocent images and videos posted on social media platforms of their targets. After that, these images are fed into deepfake content creation tools, which transform them into sexually explicit content that is generated by AI.

Even though the produced images or videos are not real, they appear very real, allowing the threat actor to use them for extortion by sending them to the target’s family, coworkers, etc. could still cause victims significant harm to their personal and public image.

The alert that was made available on the IC3 portal of the FBI states, “As of April 2023, the FBI has observed an uptick in sextortion victims reporting the use of fake images or videos created from content posted on their social media sites or web postings, provided to the malicious actor upon request, or captured during video chats.”

“In light of ongoing casualty announcing, the pernicious entertainers regularly requested: 1. Threats to share the images or videos with family members or friends on social media if funds were not received in the form of payment (such as cash or gift cards); or 2. The victim sends real videos or images with a sexual theme.”

According to the FBI, explicit content creators sometimes post their videos directly to pornographic websites without first extorting the victims, exposing them to a large audience without their consent.

Sextortionists sometimes make use of these now-public uploads to exert even more pressure on the victim by requesting payment to remove the uploaded photos and videos from the websites.

Unfortunately, the FBI reports that this media manipulation activity has also affected minors.

How to stay safe All internet users, especially those in sensitive categories, face a hostile environment as capable AI-enabled content creation tools become more widely available.
On GitHub, there are a number of free content creation tool projects that can create realistic videos from a single image of the target’s face without the need for additional training or data.

Many of these tools have safeguards built in to prevent misuse, but those sold on dark web markets and underground forums do not.
Parents should keep an eye on their children’s online activities and talk to them about the dangers of sharing personal media online, according to the FBI.

Additionally, parents should conduct online searches to ascertain their children’s online exposure and take any necessary action to remove content.

To reduce exposure, adults who post images or videos online should restrict access to a small private group of friends. In addition, children’s faces ought to always be masked or blurred.

Last but not least, if you find deepfake content about you on pornographic websites, report it to the authorities and get in touch with the hosting platform to ask for the media to be taken down.

The non-consensual sharing of deepfakes has recently been made a crime in the United Kingdom thanks to an amendment to the Online Safety Bill.