The administrator behind defunct cybercrime haven BreachForums was arrested after violating his parole, according to court documents filed this week.
Conor Brian Fitzpatrick was arrested on January 2 by FBI officers after officials told a judge that he had violated his parole by using a computer and VPN services without the required monitoring software enabled.
The 21-year-old originally was arrested last March at his parent's home in Peekskill, New York, for his role in running BreachForums - one of the most visited cybercrime forums available to those looking to sell or purchase stolen data.
When Fitzpatrick first agreed to the plea deal, the court provided a strict list of things he was not allowed to do, including accessing a computer without a computer monitoring program installed by court officials.
The software both restricted access to some sites and recorded all activity on the device.
He was also banned from communicating with anyone under the age of 18 and from accessing any websites related to stolen data or hacking.
He was not allowed to use VPNs, the Tor browser, or proxy services.
On Tuesday, Fitzpatrick appeared before Magistrate Judge Judith C. McCarthy after his arrest and acknowledged the violations of his pretrial release.
Fitzpatrick is facing decades in prison for his years of involvement in several high-profile hacking scandals.
The first two hacking charges carry a 10-year maximum sentence and the child pornography charge carries a 20-year sentence.
All three charges come with significant fines and Fitzpatrick has agreed to forfeit his assets.
While the plea agreement means Fitzpatrick will not face more charges in the Eastern District of Virginia, the agreement does not give him immunity from prosecution in other states.
Fitzpatrick's plea agreement confirmed that he helped run BreachForums from March 2022 to March 15, 2023 - which in turn helped others market stolen payment card data, bank routing and account numbers, Social Security numbers, login credentials and more.
The Justice Department said BreachForums facilitated access to the sensitive personal information of millions of U.S. citizens.
The agreement references several specific cases, including a headline-grabbing post on December 18, 2022, concerning stolen information on 87,760 members of InfraGuard, a partnership between the FBI and private sector companies focused on the protection of critical infrastructure.
It also notes Fitzpatrick's role in the sale of sensitive data stolen from Washington, D.C.'s healthcare marketplace, one used by members of Congress.
The domain of BreachForums was seized last June and while other administrators tried to revive it, the effort was eventually abandoned.
Hackers using Remcos malware to spy on Ukraine have become stealthier, researchers find.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.
This Cyber News was published on therecord.media. Publication date: Thu, 04 Jan 2024 19:40:27 +0000