BreachForums’ Former Admin Avoids Prison, Gets 20 Years Of Supervised Release
Read also: Sanctions used for the first time for a Russian cybercriminal, Trickbot member gets a 5-year prison sentence, and more.
Thursday, January 25, 2024
BreachForums’ Pompompurin gets 20 years of supervised release
Conor Brian Fitzpatrick, the mastermind behind the notorious BreachForums underground forum, was sentenced to 20 years of supervised release, although prosecutors have asked for 188 months of imprisonment for Fitzpatrick.
BreachForums shut down by the US authorities in June 2023, was known for trading and leaking stolen personal data belonging to hundreds of millions of individuals worldwide. Operating under the alias “Pompompurin,” Fitzpatrick established BreachForums after the FBI dismantled RaidForums, one of the world’s biggest hacker forums to buy and sell stolen data, in April 2022.
Fitzpatrick's role in the creation and operation of BreachForums drew the attention of law enforcement, leading to his arrest in March 2023. The charges against Fitzpatrick included his participation in the theft and sale of sensitive personal data belonging to individuals, organizations, government agencies and businesses worldwide. He was released on bail but later re-arrested after breaking his pre-trial release.
Fitzpatrick will be under home arrest for the first two years, monitored by a GPS device. Additionally, he is forbidden from accessing the internet during the initial year of his supervised release.
Request your free demo now and talk to our experts.
Ukrainian and Czech authorities dismantle an international phishing network
A joint operation conducted by the Ukrainian National Police and Czech law enforcement resulted in the arrest of a number of members of a criminal organization involved in a sophisticated phishing scheme. The criminals had established a network of phishing call centers in the capital, Kyiv, and deceived dozens of foreigners, stealing nearly 2 million Czech crowns (~80,000 euros).
An investigation revealed that the criminals spread phishing links via Czech online marketplaces, persuading customers to follow fake payment links.
After obtaining victims’ payment data through fraudulent web pages, the criminals withdrew money from the victims' accounts to bank cards under their control or converted funds into cryptocurrency.
The police arrested one of the organizers and eight members of the phishing gang and seized computer equipment, laptops, mobile phones, bank cards, and SIM cards, as well as work-related documents.
Australia sanctions an alleged member of the REvil ransomware gang for the Medibank hack
The Australian government sanctioned a Russian hacker, identified as 33-year-old Aleksandr Ermakov, for his alleged involvement in a high-profile ransomware attack on Medibank, the country's largest private health insurer. This marks the first time Australia has leveraged its Magnitsky-style laws, introduced in late 2021, designed to combat human rights abuses and serious corruption, as well as “egregious acts of international concern,” including cyber-attacks.
The incident, described as Australia's most significant data breach, took place in November 2022 and resulted in the theft of sensitive medical records belonging to roughly 10 million people. The stolen data included names, dates of birth, Medicare numbers, and sensitive medical information. Some of the pilfered data had been leaked on the dark web, exposing details on drug abuse, sexually transmitted infections, and pregnancy terminations.
Ermakov is believed to be a member of the notorious Russian ransomware gang REvil, who the Australian government said had been under investigation for 18 months.
The sanctions imposed on Ermakov include strict travel bans and financial measures. These measures empower the Australian government to freeze the assets of the accused, extending to cryptocurrency wallets and ransomware payments. Any provision of assets to Ermakov may result in severe penalties, including a prison sentence of up to 10 years and significant fines. The UK and US authorities have also inflicted similar sanctions on Ermakov.
A data seller faces up to 20 years for running a fraud operation
A Baltimore man is now facing a potential maximum 20-year prison sentence following charges related to his alleged involvement in running an online service that facilitated the sale of personally identifiable information (PII), subsequently used for social engineering campaigns, financial fraud and extortion.
The defendant, Chouby Charleron, aka “The Real Jwet King,” is accused of running a TLO (Third-Level Offering) data service that sold the personal information of victims to cybercriminals. He was charged with conspiracy to commit wire fraud.
According to a criminal complaint filed by a Postal Inspector with the US Postal Inspector Service, Charleron has been operating the scheme from around February 2020 until May 5, 2023, and allegedly managed to sell the PII, including Social Security numbers, of over 5,000 victims.
The process of data purchase involved a customer sending Charleron the name and address of a target along with about $25 paid in Bitcoin or through a mobile payment app. In return, Charleron would provide the requested personal data.
Trickbot hacker sentenced to over 5 years in prison in the US
Vladimir Dunaev, a 40-year-old Russian national affiliated with the notorious Trickbot cybercrime syndicate, was sentenced to five years and four months in prison for conspiracy to commit computer fraud and conspiracy to commit wire fraud. The sentence is slightly less than the six-and-a-half years sought by prosecutors.
During the court proceedings, Dunaev argued that initially he was unaware of the full scope of his involvement in the worldwide malware and ransomware operations. However, once he realized he was working for a cybercriminal organization that hacked and extorted millions of dollars from businesses, governments, and hospitals worldwide, he kept making excuses and continued to develop malware for the group.
The case against Dunaev is part of a broader crackdown on Trickbot and its offshoot, the Conti ransomware gang. In September 2023, the US authorities charged several other members of Trickbot and Conti, but as of now, no arrests have been made.
Dunaev's sentencing follows the conviction of another Trickbot member, Alla Witte, who was sentenced to two years and three months in prison before being deported. Upon completion of his sentence, Dunaev will also be deported.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
