Five Eyes and Allies Allegedly Take Down BreachForums as Threat Groups Claim Responsibility
The infamous dark web marketplace BreachForums saw its website taken down in a cyberattack on its systems, with a pair of threat actors claiming responsibility for the attack.
The R00TK1T threat group, along with CyberArmyofRussia, a pro-Russian threat group, claimed to be behind the notorious website removal from hacking forums.
“We are R00TK1T and the CyberArmyofRussia attack group, we are proud to announce our success in taking down the BreachForums servers,” R00TK1T said on Telegram.
“The site is currently down due to the magnitude of our attack, which was executed with extreme precision and efficiency.”
Alongside the message, the group posted a test message from BreachForum administrator Baphomet on Telegram, admitting that the site was down.
“The domain is currently suspended. We are working on it. We apologize for any inconvenience,” Baphomet said.
The threat group also promised to publish a list of the forum’s users, including emails and IP addresses.
Responding to the claims, Baphomet said the incident was being investigated and the forum’s TOR dark web page was still operational.
Shortly after, BreachForums came back online with a new domain, and Baphomet added that investigations had revealed that it was not R00TK1T and CyberArmyofRussia behind the attack, but international law enforcement agencies.
“After a thorough investigation, we have determined that this activity is part of not only the ‘Five Eyes’ network, but also other large nations working together to silence our forums,” Baphomet said on Telegram.
“Our domain (.cx) was suspended, which is not really new when it comes to running a forum like ours. We currently have a temporary domain available to all users: breakforums.st.
“As happens every time we experience downtime or a domain suspension, groups of morons take credit despite literally doing nothing but mashing their pig fingers on a keyboard the moment something goes wrong. on our forum,” Baphomet added in a possible reference to R00TK1T and the CyberArmyofRussia.
“At this point, it hasn’t been seized, hacked, or even reasonably attacked. There is a chance that we may experience DDoS attacks like every time we come back after any downtime or suspension, so please bear with us.”
R00TK1T responded to Baphomet once again, promising that denying his involvement would have consequences.
“Attention, Baphomet, the owner of Breachforums,” R00TK1T said.
“After you decided to go to war with the wrong opponents and after you denied any connection to our attacks even though your forum was down for almost an entire day, we are taking a step forward to disrupt and destroy your forums. Expect chaos in the coming days.
“Together with our friends in the Russian Cyber Army, we are ready to unleash a torrent of chaos that will leave you stunned. So buckle up because this trip is going to be quite an adventure!