On June 13, big news broke on the dark web, and "ODN" tracked it down.
BreachForums announces relaunch
Baphomet, a partner of Breached Forum founder "Pompompurin", finally announced the relaunch of Breached Forum after several weeks of shutting it down. He said in his Telegram group that the forum is back and made public the address of the new Breached forum: https://breachforums.vc. He said that when you sign up, please check your spam folder, because the emails may not reach the inbox. He also said that if you find any errors, please let me know if the site has been taken down, probably because "impotent" (the administrator of the Exposed forum) is conducting a DDoS attack.
Baphomet posted an announcement on his personal site that the Breached forum was back up and reminded everyone to confirm PGP signatures, which stated:
Hello.
This is Baphomet confirming not only myself, but the official forum: breachforums.vc
This is our only domain, no other domains are to be trusted. Including any old Breached domains.
Please be patient as we work through some expected issues related to email verification and downtime. Members who held rank on BF can PM me on the forum (or telegram) to restore their account on our forum. If you do not receive a verification email please let me know and we can make sure your account gets activated.
Sent from my tiny boating vessel.
- - Baph
meaning that the currently restarted Breached forum is new and does not import the old data from the Breached forum before it was shut down, and that "Baphomet" said that user levels could be restored manually and that he also said in the group:
As already said our only domain is https://breachforums.vc
If you need your rank restored from BF, please PM me on the forum if I dont respond here. Provide anything from screenshots, to account information (email, etc) that can verify you.
We are working on resolving the email issues but I will manually verify anyone until that point. Thanks for your patience.
Exposed forum announces search for a new owner
The Exposed forum, which gained widespread popularity for leaking Raidforums' user database, was once considered a replacement for the shuttered Breached forum.
On the morning of June 13, moderator "Purism" wrote in the corresponding forum thread that he would sell Exposed, and the site was then disconnected from the database and replaced with a "We are LOOKING for new OWNER!" on the front page, saying: "Since we don't have enough time to maintain the forum, we are looking for a new owner to take on this responsibility.If you want to be an owner, contact on Telegram: @purism12 or @ImpotentDude" and leave an email address: purism@cyberfear.com
The home page mentions the Breached forum and posts "Update about breachforums.vc !!!" :
Do not use BreachForums.VC !!! ShinyHunters and Baphomet fail OPSEC..
Backend real IP of forum (BreachForums.vc): 45.140.17.4
Backend CDN IP (cdn.breachforums.vc) : host-18.dedicated.vsys.host:806 - Based on vsys.host !
However, a warning has been issued by a Telegram channel possibly run by the Medusa ransomware gang, which says: "Don't try to contact @purism12 or @ImpotentDude to purchase https://exposed.vc forum, it's a complete scam. They actually have access to that forum, but are scamming many users with $2,000-$3,000 before retirement. More than 4 users are already scammed and reported." That is, the forum team is running an exit scam.
What's even stranger is that the announcement of the Exposed site sale coincided with BreachForums' announcement of its restoration.
The forum welcome message said, "The forum is back and it will be managed by the same team."
Why such a coincidence
The Telegram channel of vx-underground, a leading cybersecurity analysis group, posted a message that
Exposed, the forum designed to be the replacement to Breached, is for sale.
Meanwhile, Breached forum has returned. The previous owner who worked in conjunction with Pompompurin, Baphomet, is now working alongside the infamous ShinyHunters group.
vx-underground directly links the relaunch of BreachForums to the fact that Baphomet joined ShinyHanters, after Pompompurin himself was arrested by the FBI in March 2023 and Baphomet announced the closure of BreachForums.
Sources say the ShinyHanters hacking group specializes in stealing user data from websites and various services. It has been active since at least 2020, in which they managed to steal about 500GB of software code for Microsoft products from the company's shuttered GitHub account. Before that, they stole data from 91 million accounts of Indonesian retail giant Tokopedia. Other victims included Wattpad, PlutoTV, and Bonobos.
As early as early June 2023, the Exposed forum was seen in dark web circles as a potential alternative to Breached, and in particular, "Purism" declared war on Breached, saying that its founders "don't know how to keep their users safe ". However, "ODN" will continue to follow up on whether the relaunch of the Breached forum led to the closure of the Exposed forum.
For more dark web news, please follow "ODN".