BreachForums, one of the most popular underground forums for sharing malware, stolen data, and more – was taken down. Now, the admin seems to be giving up and looking for someone to pass the torch to.
Over the weekend, the Cyber Counter-Intelligence Threat Investigation Consortium (CCITIC) posted on LinkedIn, saying that both the clearnet and Tor versions of BreachForums were displaying a 502 – Bad Gateway error. CCITIC is a non-profit which investigates cybersecurity threats and assists law enforcement in takedown efforts, and the organization said it managed to identify the upstream servers behind BreachForums, all hosted on DigitalOcean (ASN 14061) in the Frankfurt am Main datacenter.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign
February 25, 2026
Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents. The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017. This prolific, elusive actor has ...
- North Korea’s Lazarus Group targets healthcare orgs with Medusa ransomware
February 24, 2026
North Korea’s Lazarus Group appears to have added another tool to its kit. It has begun using Medusa ransomware in extortion attacks targeting at least one US healthcare organization and an unnamed victim in the Middle East, according to Symantec and Carbon Black threat hunters. The US healthcare attempt failed, while the Middle East organization was ...
- Fake Zoom meeting “update” silently installs surveillance software
February 24, 2026
A fake Zoom meeting website is silently pushing surveillance software onto Windows machines. Visitors land on a convincing imitation of a Zoom video call. Moments later, an automatic “Update Available” countdown downloads a malicious installer—without asking for permission. The software being installed is a covert build of Teramind, a commercial monitoring tool companies use to record ...
- Russian hackers target European firms with new spear-phishing cyberattacks
February 24, 2026
APT28, the infamous Russian state-sponsored hacking group also known as Fancy Bear, or Sofacy, has been observed targeting “specific entities” in Western and Central Europe with infostealers. In a newly released report, security researchers Lab52 from S2 Grupo detailed “Operation MacroMaze”, which has been ongoing since at least late September 2025 through January 2026. The campaign ...
- Australia: Cyber attack takes major chicken processor Hazeldenes offline leaving businesses without meat
February 23, 2026
A cyber attack at major chicken meat processor Hazeldenes in central Victoria has led it to shutdown its wi-fi system on site, and a shortage of chicken at pubs and butchers across the state. Retail and industry have told the ABC that the chicken meat processor has been unable to fill some orders because it cannot ...
- AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
February 23, 2026
Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS. The campaign, which ran from mid-January to mid-February, relied less on clever zero-days and more on the equivalent of trying every digital door handle – just ...