BreachForums admin faces jail time again: caught using VPN and unmonitored PC

BreachForums admin's legal troubles

BreachForums admin confesses to various cybercrimes

The narrative surrounding Conor Fitzpatrick, the mastermind behind the notorious BreachForums hacking forum, takes a dark turn as new revelations unfold. Fitzpatrick was arrested on March 15th, and his legal problems worsened when, in the process of being taken into custody, he revealed something shocking without the presence of an attorney.^[1] Unexpectedly, he revealed his identity as Pompompurin, the elusive threat actor that was behind the now-defunct BreachForums. His essential position in coordinating cybercrime activities within a community devoted to hacking businesses and trafficking stolen data was solidified by this confession.

Fitzpatrick's arrest has even more significance because he had established himself as a major figure in the cybercrime scene before RaidForums' collapse in 2022. After the FBI took RaidForums, he quickly changed course and launched BreachForums as a replacement website. This new forum continued the dark legacy of its predecessor, providing a hub for cybercriminals to trade in sensitive information stolen from millions of U.S. citizens and numerous companies, organizations, and government agencies.^[2]

Fitzpatrick, going by the handle Pompompurin, was involved in RaidForums and its follow-up, BreachForums, in addition to helping to share stolen data illegally. The forums acted as havens for cybercrime, providing a setting in which hackers could exchange methods, transact business, and take advantage of vulnerabilities to make money.

Violations and arrest

Shortly after his initial arrest, Fitzpatrick was released on a $300,000 bond; nevertheless, his subsequent actions have raised troubling suspicions. Strict pretrial conditions were set by the court to put an end to his alleged criminal behavior. These conditions included refraining from visiting the BreachForums website, avoiding contact with any BreachForums users or co-conspirators without legal supervision, and crucially, restrictions on his computer and internet usage.

Recent events, however, seem to indicate that Fitzpatrick deliberately disregarded these court-imposed limitations. He was taken into custody once more on January 2, this time for violating the conditions of his pretrial release. Fitzpatrick was placed under arrest for violating court-mandated conditions by using an unmonitored computer and using a VPN, according to a court document called the Waiver of Speedy Presentment. According to the paper,^[3] his acknowledgment recognized the breach:

I understand that the petition alleges certain violations of the conditions of my pretrial release, including use of a computer without the required monitoring software and access to VPN services.

Fitzpatrick's legal situation has become more complex as a result of his subsequent detention. He is currently awaiting his appearance in court in the Eastern District of Virginia, where the charges against him first surfaced. In addition to endangering his chances of a successful ending in the current legal procedures, the violation of pretrial restrictions raises concerns about how well cybercriminals are being monitored while they are being released from custody.

Future proceedings

He faces harsh penalties that could have an impact on his past illegal actions. Fitzpatrick, who entered a guilty plea to charges of conspiring to commit access device fraud and possessing material related to child sex abuse, is now subject to further sanctions for breaking pretrial orders. He faces a maximum 10-year sentence for each allegation of access device fraud and a maximum 20-year term for the substantial offense of child sex abuse if found guilty, all of his possessions, including the money he made illegally, could be seized.

The sentence hearing for Fitzpatrick was rescheduled until January 19, 2024, from its original date of November 17, 2023. The reason for the delay was identified as a psycho-sexual expert's overwhelming workload, which prevented them from finishing an evaluation in time. The story surrounding BreachForums itself continues, with the forum still running under new management, while the cybercrime community watches the court case to see what will happen to the administrator.