'%3e%3cg id='Final-Copy-2_2_' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st0' d='M7.4,12.8h6.8l3.1-11.6H7.4C4.2,1.2,1.6,3.8,1.6,7S4.2,12.8,7.4,12.8z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg id='final---dec.11-2020'%3e%3cg id='_x30_208-our-toggle' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st1' d='M22.6,0H7.4c-3.9,0-7,3.1-7,7s3.1,7,7,7h15.2c3.9,0,7-3.1,7-7S26.4,0,22.6,0z M1.6,7c0-3.2,2.6-5.8,5.8-5.8 h9.9l-3.1,11.6H7.4C4.2,12.8,1.6,10.2,1.6,7z'/%3e%3cpath id='x' class='st2' d='M24.6,4c0.2,0.2,0.2,0.6,0,0.8l0,0L22.5,7l2.2,2.2c0.2,0.2,0.2,0.6,0,0.8c-0.2,0.2-0.6,0.2-0.8,0 l0,0l-2.2-2.2L19.5,10c-0.2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8 c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z'/%3e%3cpath id='y' class='st3' d='M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8.3,10c-0.2,0.1-0.5,0.1-0.7-0.1l0,0 L5.4,7.7c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0L8,8.6l3.8-4.5C12,3.9,12.4,3.9,12.7,4.1z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
January wasted no time reminding everyone that the internet never forgets, and karma has a calendar.
We’ll start with Empire Market, one of the largest dark web marketplaces of its era. Operating between 2018 and 2020, Empire processed over four million transactions and became a fan favorite in underground circles. It offered the usual greatest hits: cannabis, cocaine, stolen credit cards, counterfeit goods, and malware, all wrapped in a slick interface that made avoiding street deals feel almost… convenient.
Then, in 2020, Empire did what so many before it had done: exit scammed its users for an estimated $30 million in crypto and vanished into the night. Or so they thought.
Fast-forward to today, and reality has finally caught up. Raheim Hamilton, the market’s co-creator, has entered a plea deal and is set to be sentenced on June 17 in the Northern District of Illinois. There’s a mandatory minimum of ten years in federal prison, proving once again that while crypto transactions are fast, consequences can take their sweet time.
Next up: BreachForums, or more accurately, the ongoing BreachForums reboot disaster.
At this point, there have been so many failed resurrection attempts that calling it “a comeback” feels generous. Currently, there are two competing versions of BreachForums operating simultaneously on the dark web. In true crime-forum fashion, they absolutely hate each other. Let’s call them BF1 and BF2.
BF1’s admins managed to leak BF2’s private Telegram staff chats, posting them to Doxbin alongside a full dox of BF2’s admin, including name, religion, education, and approximate location. Because why stop at screenshots when you can go full scorched earth? Not to be outdone, BF2’s admin allegedly obtained the personal phone numbers of BF1’s admins and possibly staff, and reportedly started calling one of their mothers. Yes. Someone’s mum.
Law enforcement, meanwhile, is likely watching this unfold like it’s a Netflix limited series. This kind of infighting doesn’t just destroy forums, it creates beautifully detailed evidence trails that future arrest warrants are built on.
And finally, January ended with a reminder that crypto crime consequences vary wildly depending on jurisdiction.
The Chinese government executed 11 members of the Ming crime family for operating a massive crypto scam empire out of Myanmar. The operation employed more than 10,000 people, running large-scale “pig butchering” scams, long-term romance frauds designed to drain victims emotionally and financially.
Employees who tried to leave were reportedly beaten or killed. The operation collapsed in 2023 when members of the crime family were captured in Myanmar and handed over to China by ethnic militias. The verdict? Swift. Final. Unambiguous.
So, January in summary:
- Exit scammers finally got exit scammed by reality
- Dark web forums turned into soap operas
- And one government made it very clear where it stands on crypto fraud
New year. Same internet.
https://breachaware.com/research/breach-bots-and-deepfake-drama
A total of 9 breach events were found and analysed resulting in 1,860,834 exposed accounts containing a total of 21 different data types of personal datum. The breaches found publicly and freely available included 1M+ Valid USA Forex 1 Million, Aternos [2], Costco - Taiwan, Do Big GPT and Alain Afflelou.
Encrypted Mayhem, Mega Leaks & AI Under Fire.
https://breachaware.com/research/encrypted-mayhem-mega-leaks-and-ai-under-fire
A total of 24 breach events were found and analysed resulting in 14,347,979 exposed accounts containing a total of 32 different data types of personal datum. The breaches found publicly and freely available included Instagram, Thermomix, Air Miles España Loyalty Program - Travel Club, Giglio and Qantas [Sample Data].
One Breach to Rule Them All: Why No Organisation Is Ever “Unaffected”
https://breachaware.com/research/one-breach-to-rule-them-all-why-no-organisation-is-ever-unaffected
A total of 19 breach events were found and analysed resulting in 52,354,695 exposed accounts containing a total of 36 different data types of personal datum. The breaches found publicly and freely available included ULP Alien Txt File - Episode 31, ULP 0038, ULP 0039, Stealer Log 0550 and WebDo.
We’ll start with Empire Market, one of the largest dark web marketplaces of its era. Operating between 2018 and 2020, Empire processed over four million transactions and became a fan favorite in underground circles. It offered the usual greatest hits: cannabis, cocaine, stolen credit cards, counterfeit goods, and malware, all wrapped in a slick interface that made avoiding street deals feel almost… convenient.
Then, in 2020, Empire did what so many before it had done: exit scammed its users for an estimated $30 million in crypto and vanished into the night. Or so they thought.
Fast-forward to today, and reality has finally caught up. Raheim Hamilton, the market’s co-creator, has entered a plea deal and is set to be sentenced on June 17 in the Northern District of Illinois. There’s a mandatory minimum of ten years in federal prison, proving once again that while crypto transactions are fast, consequences can take their sweet time.
Next up: BreachForums, or more accurately, the ongoing BreachForums reboot disaster.
At this point, there have been so many failed resurrection attempts that calling it “a comeback” feels generous. Currently, there are two competing versions of BreachForums operating simultaneously on the dark web. In true crime-forum fashion, they absolutely hate each other. Let’s call them BF1 and BF2.
BF1’s admins managed to leak BF2’s private Telegram staff chats, posting them to Doxbin alongside a full dox of BF2’s admin, including name, religion, education, and approximate location. Because why stop at screenshots when you can go full scorched earth? Not to be outdone, BF2’s admin allegedly obtained the personal phone numbers of BF1’s admins and possibly staff, and reportedly started calling one of their mothers. Yes. Someone’s mum.
Law enforcement, meanwhile, is likely watching this unfold like it’s a Netflix limited series. This kind of infighting doesn’t just destroy forums, it creates beautifully detailed evidence trails that future arrest warrants are built on.
And finally, January ended with a reminder that crypto crime consequences vary wildly depending on jurisdiction.
The Chinese government executed 11 members of the Ming crime family for operating a massive crypto scam empire out of Myanmar. The operation employed more than 10,000 people, running large-scale “pig butchering” scams, long-term romance frauds designed to drain victims emotionally and financially.
Employees who tried to leave were reportedly beaten or killed. The operation collapsed in 2023 when members of the crime family were captured in Myanmar and handed over to China by ethnic militias. The verdict? Swift. Final. Unambiguous.
So, January in summary:
- Exit scammers finally got exit scammed by reality
- Dark web forums turned into soap operas
- And one government made it very clear where it stands on crypto fraud
New year. Same internet.
This months cyber spotlight, vulnerability chat & privacy headlines.
Breach, Bots & Deepfake Dramahttps://breachaware.com/research/breach-bots-and-deepfake-drama
A total of 9 breach events were found and analysed resulting in 1,860,834 exposed accounts containing a total of 21 different data types of personal datum. The breaches found publicly and freely available included 1M+ Valid USA Forex 1 Million, Aternos [2], Costco - Taiwan, Do Big GPT and Alain Afflelou.
Encrypted Mayhem, Mega Leaks & AI Under Fire.
https://breachaware.com/research/encrypted-mayhem-mega-leaks-and-ai-under-fire
A total of 24 breach events were found and analysed resulting in 14,347,979 exposed accounts containing a total of 32 different data types of personal datum. The breaches found publicly and freely available included Instagram, Thermomix, Air Miles España Loyalty Program - Travel Club, Giglio and Qantas [Sample Data].
One Breach to Rule Them All: Why No Organisation Is Ever “Unaffected”
https://breachaware.com/research/one-breach-to-rule-them-all-why-no-organisation-is-ever-unaffected
A total of 19 breach events were found and analysed resulting in 52,354,695 exposed accounts containing a total of 36 different data types of personal datum. The breaches found publicly and freely available included ULP Alien Txt File - Episode 31, ULP 0038, ULP 0039, Stealer Log 0550 and WebDo.
