Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?


Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again.

However, questions have been raised over whether it is a genuine attempt to revive the forums once again or set up as a lure by law enforcement to entrap more data dealers and cybercriminals.

Read more…
Source: Malwarebytes labs


Sign up for our Newsletter


Related:

  • Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware

    May 6, 2026

    Researchers at Rapid7 say that they have spotted what they believe was an Iranian intelligence cyber unit masquerading as the Chaos ransomware gang to hide a state-sponsored espionage operation. The intrusion was spotted earlier this year, and investigators say breadcrumbs left behind give them “medium confidence” in saying it was the work of MuddyWater, which has ...

  • DOJ says ransomware gang tapped into Russian government databases

    May 6, 2026

    A U.S. court has sentenced Latvian hacker Deniss Zolotarjovs to more than eight years in prison following his conviction for carrying out ransomware attacks. The Justice Department accused the hacker of working for a notorious Russian ransomware gang called Karakurt, which was led by former leaders of the Akira and Conti ransomware gangs, who were sanctioned ...

  • DAEMON Tools software compromised with a malicious payload

    May 5, 2026

    In early May 2026, Kaspersky researchers identified installers of the DAEMON Tools software, used for mounting disk images, to be compromised with a malicious payload. These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers. Kaspersky analysis revealed that the software installers have been ...

  • Trellix confirms data breach after hack of ‘a portion’ of its source code

    May 5, 2026

    Cybersecurity giant Trellix has confirmed suffering a cyberattack in which threat actors accessed parts of its source code. In a brief announcement published on its website, Trellix said it had identified “unauthorized access to a portion of source code repository”. As soon as it spotted the intrusion, the company brought in third-party security experts to ...

  • Thousands of Facebook accounts stolen by phishing emails sent through Google

    May 4, 2026

    Researchers have uncovered a long-running phishing operation that abuses trusted Google services to hijack tens of thousands of Facebook accounts. The compromised Facebook accounts are mainly business and advertiser profiles, which criminals can monetize after gaining access and control. The attackers found a way to send phishing emails that come “through Google,” making them look legitimate ...

  • Employees are now more dangerous to their company than external hackers

    May 4, 2026

    New data from Orange Cyberdefense has suggested the biggest risks companies face could now be coming from inside, with internal threats rising from 47% to 57% in the space of less than a year. For the first time ever, internal threats have become more common that external ones, with hacking remaining pretty steady at 31% of ...