How the FBI caught BreachForums admin, Pompompurin aka Conor Fitzgerald

Ink

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Content source
https://techcrunch.com/2023/03/24/how-the-fbi-caught-the-breachforums-admin/
On Friday, the U.S. Justice Department announced that the now-arrested alleged administrator of the infamous hacking forum BreachForums facilitated the sale and purchase of private information that belonged to “millions of U.S. citizens and hundreds of U.S. and foreign companies, organizations, and government agencies.”

In a statement, prosecutors confirmed the arrest of Conor Fitzpatrick, 20, aka Pompompurin, of Peekskill, New York. Fitzpatrick is charged with one count of conspiracy to commit access device fraud, subject to a maximum of five years in prison if convicted.
Click to expand...

The feds collected several pieces of evidence to nab Pompompurin
Click to expand...
  • the IP addresses that Pompompurin used to access RaidForums, the predecessor of BreachForums
  • Pompompurin old email exposed in a data breach conorfitzpatrick02@gmail.com later confirmed by records from Google
  • Google Pay accounts linked to both that email address as well as a newer one, conorfitzpatrick2002@gmail.com both linked to a number owned by Fitzpatrick
  • records from Google showed conorfitzpatrick2002@gmail.com had a recovery email address funmc59tm@gmail.com linked to an IP address registered to someone with the last name Fitzpatrick and a different phone number (his father)
  • Pompompurin used several VPNs to connect to his Gmail account
  • records from Purse(dot)io revealed that four of the VPN IP addresses used to connect to the exchange were also used to connect to the conorfitzpatrick2002@gmail.com
  • another VPN IP address was also used to log into a Zoom account under the name “pompompurin” associated with a Riseup email address
  • records from Purse(dot)io also showed he made purchased and shipped them to his address with the phone number
  • 7 out of 9 IP addresses used to connect to Purse(dot)io were also used to connect to Pompompurin’s account on RaidForums
  • Pompompurin accessed his account from an IP address registered to Fitzpatrick’s father at the same home address
  • same IP address was used to access an iCloud account associated with Fitzpatrick
  • FBI obtained a warrant to get Fitzpatrick’s real-time cell phone GPS location from Verizon, allowing agents to observe that Pompompurin was logged in to BreachForums while his phone’s location showed he was at his home.

www.justice.gov

Justice Department Announces Arrest of the Founder of One of the World’s Largest Hacker Forums and Disruption of Forum’s Operation

The founder of BreachForums made his initial appearance today in the Eastern District of Virginia on a criminal charge related to his alleged creation and administration of a major hacking forum and marketplace for cybercriminals that claimed to have more than 340,000 members as of last week. In...
www.justice.gov www.justice.gov
 
  • Like
  • Applause
  • +Reputation
Reactions: Gandalf_The_Grey, Zero Knowledge, upnorth and 4 others
Z

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
You can't blame him for OPSEC mistakes. 20 years old? Remember how you used the internet @ 20? It wouldn't be good. I didn't even use a AV/AM on XP and torrented cracks and warez. :LOL: Remember Napster? LimeWire? Soulseek? AudioGalaxy? *Yes, I'm old" :LOL:.

You learn as you grow up though, and improve OPSEC with time.

What this case teaches us? VPN's are basically useless when you use personal email accounts and that data breaches have long running consequences. Once your email is hacked and out there it's out there but basically everyone's email is out there so...... :unsure:
 
Last edited:
  • Like
  • Applause
Reactions: vtqhtr413 and Gandalf_The_Grey
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Security News The law enforcement operations targeting cybercrime in 2023
Replies
0
Views
1,205
Security News
Gandalf_The_Grey
Gandalf_The_Grey
vtqhtr413
    • Sad
    • Wow
Gaming marketplace Traderie alerts users to data breach
Replies
0
Views
1,450
News Archive
vtqhtr413
vtqhtr413
upnorth
    • Wow
    • Like
    • +Reputation
US govt demands data on PyPI developers
Replies
1
Views
877
News Archive
Zero Knowledge
Z

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top