Redazione RHC : 28 July 2025 08:55
If weeds aren’t pulled out by the roots, they’ll grow back, much more vigorous than before. This is cybercrime, and this is the new rebirth, the fifth ever from the roots of RaidForums!
BreachForums, the well-known cybercrime discussion forum that disappeared from the clearnet after being seized by law enforcement, is back online this week. The relaunch is reportedly led by the original administrators themselves, who have restored the entire historical archive: user accounts, private messages, and reputations have remained intact.
In fact, the old pairs of credentials (username and password) are functional again, a sign that the entire database has been restored and made available to users. This unexpected reappearance has raised concerns among security researchers, while reassuring the forum’s criminal users (for example, in the Jacuzzi group on Telegram), many of whom had already given up on their data and accumulated reputation.
The forum displays over 7.3 million posts distributed across approximately 13,000 threads, figures identical to the snapshot taken shortly before it was shut down. This seems to confirm the administrators’ words: “Your accounts, your posts, your reputation: nothing has been lost or changed.”
The return was made official in a post signed by the administrator known as “NA.” The statement clarifies that no core staff members were arrested during the shutdown that occurred months ago.
According to the statement, the forum domain was voluntarily suspended last April after a zero-day vulnerability in MyBB (the site’s underlying software) was exploited against several communities. Administrators say they fixed the bug and reinstated the domain after clearing up what they call “misconceptions” spread by rival users and competitors.
Despite the attempt to convey normalcy – “As far as we’re concerned, it’s business as usual” – the speed of the reinstatement is fueling suspicion among investigators. After the FBI’s operation in March, many thought the market for stolen databases and malware hosted by BreachForums had been dismantled forever.
Instead, less than four months later, the same user handles have reappeared, cryptocurrency wallets and reputation scores. This suggests that the operators had secure external backups and never handed over the encryption keys.
To strengthen the trust of its approximately 340,000 registered members, BreachForums has introduced a revamped moderation system and promised regular updates on the legal situation surrounding the platform. The message also mentions “changes in the coming weeks” designed to increase transparency, although several industry analysts believe this is merely cosmetic.
The return of BreachForums highlights, once again, the resilience of online criminal communities and the difficulty for authorities to permanently neutralize marketplaces dedicated to breached databases, malware, and sensitive information.
Redazione