Total Tests:
Blog Filters reset x
By Incident
By Jurisdiction
Show More

BreachForums’ Former Admin Avoids Prison, Gets 20 Years Of Supervised Release

Read also: Sanctions used for the first time for a Russian cybercriminal, Trickbot member gets a 5-year prison sentence, and more.

Thursday, January 25, 2024
Views: 4.1k Read Time: 3 min.

BreachForums’ Former Admin Avoids Prison, Gets 20 Years Of Supervised Release

BreachForums’ Pompompurin gets 20 years of supervised release

Conor Brian Fitzpatrick, the mastermind behind the notorious BreachForums underground forum, was sentenced to 20 years of supervised release, although prosecutors have asked for 188 months of imprisonment for Fitzpatrick.

BreachForums shut down by the US authorities in June 2023, was known for trading and leaking stolen personal data belonging to hundreds of millions of individuals worldwide. Operating under the alias “Pompompurin,” Fitzpatrick established BreachForums after the FBI dismantled RaidForums, one of the world’s biggest hacker forums to buy and sell stolen data, in April 2022.

Fitzpatrick's role in the creation and operation of BreachForums drew the attention of law enforcement, leading to his arrest in March 2023. The charges against Fitzpatrick included his participation in the theft and sale of sensitive personal data belonging to individuals, organizations, government agencies and businesses worldwide. He was released on bail but later re-arrested after breaking his pre-trial release.

Fitzpatrick will be under home arrest for the first two years, monitored by a GPS device. Additionally, he is forbidden from accessing the internet during the initial year of his supervised release.

ImmuniWeb can help prevent data breaches and meet regulatory requirements.
Request your free demo now and talk to our experts.

Ukrainian and Czech authorities dismantle an international phishing network

A joint operation conducted by the Ukrainian National Police and Czech law enforcement resulted in the arrest of a number of members of a criminal organization involved in a sophisticated phishing scheme. The criminals had established a network of phishing call centers in the capital, Kyiv, and deceived dozens of foreigners, stealing nearly 2 million Czech crowns (~80,000 euros).

An investigation revealed that the criminals spread phishing links via Czech online marketplaces, persuading customers to follow fake payment links.

After obtaining victims’ payment data through fraudulent web pages, the criminals withdrew money from the victims' accounts to bank cards under their control or converted funds into cryptocurrency.

The police arrested one of the organizers and eight members of the phishing gang and seized computer equipment, laptops, mobile phones, bank cards, and SIM cards, as well as work-related documents.

Australia sanctions an alleged member of the REvil ransomware gang for the Medibank hack

The Australian government sanctioned a Russian hacker, identified as 33-year-old Aleksandr Ermakov, for his alleged involvement in a high-profile ransomware attack on Medibank, the country's largest private health insurer. This marks the first time Australia has leveraged its Magnitsky-style laws, introduced in late 2021, designed to combat human rights abuses and serious corruption, as well as “egregious acts of international concern,” including cyber-attacks.

The incident, described as Australia's most significant data breach, took place in November 2022 and resulted in the theft of sensitive medical records belonging to roughly 10 million people. The stolen data included names, dates of birth, Medicare numbers, and sensitive medical information. Some of the pilfered data had been leaked on the dark web, exposing details on drug abuse, sexually transmitted infections, and pregnancy terminations.

Ermakov is believed to be a member of the notorious Russian ransomware gang REvil, who the Australian government said had been under investigation for 18 months.

The sanctions imposed on Ermakov include strict travel bans and financial measures. These measures empower the Australian government to freeze the assets of the accused, extending to cryptocurrency wallets and ransomware payments. Any provision of assets to Ermakov may result in severe penalties, including a prison sentence of up to 10 years and significant fines. The UK and US authorities have also inflicted similar sanctions on Ermakov.

A data seller faces up to 20 years for running a fraud operation

A Baltimore man is now facing a potential maximum 20-year prison sentence following charges related to his alleged involvement in running an online service that facilitated the sale of personally identifiable information (PII), subsequently used for social engineering campaigns, financial fraud and extortion.

The defendant, Chouby Charleron, aka “The Real Jwet King,” is accused of running a TLO (Third-Level Offering) data service that sold the personal information of victims to cybercriminals. He was charged with conspiracy to commit wire fraud.

According to a criminal complaint filed by a Postal Inspector with the US Postal Inspector Service, Charleron has been operating the scheme from around February 2020 until May 5, 2023, and allegedly managed to sell the PII, including Social Security numbers, of over 5,000 victims.

The process of data purchase involved a customer sending Charleron the name and address of a target along with about $25 paid in Bitcoin or through a mobile payment app. In return, Charleron would provide the requested personal data.

ImmuniWeb Newsletter

Get exclusive updates and invitations to our events and webinars:

Private and Confidential Your data will stay private and confidential

Trickbot hacker sentenced to over 5 years in prison in the US

Vladimir Dunaev, a 40-year-old Russian national affiliated with the notorious Trickbot cybercrime syndicate, was sentenced to five years and four months in prison for conspiracy to commit computer fraud and conspiracy to commit wire fraud. The sentence is slightly less than the six-and-a-half years sought by prosecutors.

During the court proceedings, Dunaev argued that initially he was unaware of the full scope of his involvement in the worldwide malware and ransomware operations. However, once he realized he was working for a cybercriminal organization that hacked and extorted millions of dollars from businesses, governments, and hospitals worldwide, he kept making excuses and continued to develop malware for the group.

The case against Dunaev is part of a broader crackdown on Trickbot and its offshoot, the Conti ransomware gang. In September 2023, the US authorities charged several other members of Trickbot and Conti, but as of now, no arrests have been made.

Dunaev's sentencing follows the conviction of another Trickbot member, Alla Witte, who was sentenced to two years and three months in prison before being deported. Upon completion of his sentence, Dunaev will also be deported.

What’s next:

Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law.
Book a Call Ask a Question
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential