Authorities in the US have charged a British nationwide, Kai Logan West, extensively identified on-line as “IntelBroker“, with a sequence of high-profile knowledge breaches that collectively brought about at the least $25 million in damages to corporations worldwide. The 23-year-old was arrested in France in February 2025 and now faces extradition to the US to face trial within the Southern District of New York.
As reported by Hackread.com, IntelBroker’s arrest was adopted by a number of others, together with 4 people linked to the ShinyHunters hacker group. Each IntelBroker and members of ShinyHunters had been concerned in administering and moderating the cybercrime and knowledge breach discussion board BreachForums.
The unsealed criticism (PDF), dated February 2025, lays naked the FBI’s two-year investigation into West’s cybercrime operations, connecting him to dozens of knowledge breaches, gross sales of stolen knowledge, and the management of a hacking collective working on clear and darkish internet boards.
Who Is IntelBroker?
Utilizing aliases like “IntelBroker” and “Kyle Northern”, West constructed a repute on a transparent and darkish internet discussion board identified within the indictment as “Discussion board‑1” ( BreachForums). Working underneath the banner of a hacking crew referred to as CyberN (previously “The Boys”), IntelBroker supplied hacked databases from authorities businesses, healthcare suppliers, telecommunications companies, and web service suppliers.
Between 2023 and early 2025, West authored at the least 158 threads providing stolen knowledge on Discussion board‑1, with 41 of them involving US corporations. The FBI notes that at the least $2 million price of Monero cryptocurrency was solicited for the stolen data.
In 2024, IntelBroker was listed because the “proprietor” of Discussion board‑1, and his fame skyrocketed as he gave away some knowledge leaks totally free to spice up credibility, collect a following, and appeal to patrons.
How the FBI Tracked Down IntelBroker
What West didn’t know was that FBI brokers had been watching intently. The bureau deployed undercover officers posing as patrons on Discussion board‑1. On at the least two events, brokers bought stolen knowledge straight from IntelBroker.
In January 2023, one agent purchased an API key and login credentials for a corporation dubbed “Sufferer‑7.” Though the credentials had been restricted in worth, the transaction turned a key ingredient in monitoring his identification when IntelBroker requested for fee in Bitcoin (as a substitute of Monero) and supplied a pockets handle that might be traced on the blockchain.
FBI blockchain analysts adopted the cash and located that:
- The Bitcoin pockets used for the transaction had been seeded from one other pockets linked to an account on a monetary platform referred to as Ramp.
- That Ramp account was registered utilizing a UK provisional driving license issued to Kai Logan West.
- The identical identification, Kai West, additionally owned a Coinbase account underneath the alias Kyle Northern, however with KYC verification; confirming it was the identical particular person.
Additional connecting the dots, each accounts had been linked to a Gmail handle utilized by West for private issues, together with:
- Cloud-stored selfies
- Receipts and ID paperwork
- UK College Housing and Tuition communications
- Movies showcasing networking instruments like “GPRS Smash”
The e-mail additionally included a scholar certificates exhibiting West was enrolled in a Cyber Safety program.
On-line Footprints and Discussion board Exercise
West didn’t simply transact carelessly, he additionally uncovered himself by linking his on-line exercise to non-public behaviour. His IntelBroker posts on Discussion board‑1 typically referenced YouTube movies that he had simply considered from his private e-mail account, and he often up to date his signature block to listing members of his hacking group, which made it simpler to hint his involvement throughout a number of threads.
When Discussion board‑1 was seized and shut down in 2024 and relaunched, all outdated posts inherited the up to date signature, making a constant path of West’s exercise and affiliations courting again to early 2023.
The Sufferer Checklist: Telecoms, Healthcare, ISPs
The indictment outlines at the least six victims, referred to solely as Sufferer‑1 by means of Sufferer‑6. Sufferer‑1, a telecom supplier, had knowledge exfiltrated and deleted from a internet hosting server in Manhattan, leading to harm estimated within the a whole bunch of hundreds.
Sufferer‑3, a municipal healthcare supplier, had the private and well being knowledge of over 56,000 people stolen, which West later offered to an undercover FBI agent for $1,000 in Monero. Sufferer‑6, an web service supplier, was compromised utilizing data from earlier leaks to breach an inner server.
In every case, West publicly supplied proof samples, negotiated gross sales through personal messages, and accepted solely Monero to keep up anonymity, although the paper path caught up.
Nevertheless, since Hackread.com solely reported on IntelBroker’s knowledge breaches, here’s a complete listing of knowledge breaches and leaks claimed by the hacker:
Right here is the listing sorted from shortest to longest by character depend:
- AMD
- Apple
- Cisco
- Nokia
- US DoD
- Europol
- T-Cell
- Robert Half
- House Eyes
- House Depot
- Tech in Asia
- Normal Electrical
- LA Intl. Airport
- HSBC & Barclays Financial institution
- Fb Market
- Weee! Grocery Service
- UAE’s Lulu Hypermarket
- US Federal Contractor Acuity
- Hewlett Packard Enterprise (HPE)
- MIT Know-how Evaluation Journal
- An unnamed however “High” Cybersecurity Agency
Prison Expenses
West has been charged with 4 federal offences:
- Wire fraud
- Conspiracy to commit wire fraud
- Conspiracy to commit laptop intrusions
- Accessing a protected laptop to defraud and procure worth
Every carries the potential for a number of years in jail, significantly when involving well being knowledge or affecting important infrastructure.
The FBI’s Particular Agent Carson Hughes and US Lawyer Jay Clayton emphasised the worldwide attain and hazard of IntelBroker’s operations. The FBI referred to as the case “a warning” to cybercriminals who consider on-line anonymity shields them from penalties.
Did IntelBroker Work for the UK’s Nationwide Crime Company?
Kai West offered himself professionally as a cybersecurity researcher and operated underneath two separate identities on LinkedIn, one as Kyle Northern and the opposite as Ok West. This was first flagged by Nathaniel Fried, Co-founder and CEO at 0xbowio, who shared particulars of West’s twin profiles with Hackread.com.
Notably, the Kyle Northern profile claimed he labored as a Safety Researcher Trainee on the UK’s Nationwide Crime Company (NCA) from September to October 2019. If correct, this function may have concerned entry to labeled techniques, because the NCA offers with severe organized crime and nationwide safety. Whereas the NCA affiliation stays unverified, West’s claimed background in cybersecurity and his educational path counsel the likelihood shouldn’t be dismissed outright.
West in France because the US Seeks Extradition
West stays in French custody, and US officers are actively searching for extradition. If convicted, he may face a long time behind bars. In the meantime, Discussion board‑1 has been offline since April 2025, reportedly as a consequence of a MyBB zero-day vulnerability. A lot of its members have since migrated to different platforms, together with DarkForums and the Russian-language cybercrime discussion board XSS.
The publicity of IntelBroker stands out as a serious cybercrime takedown. What made it doable was a mixture of undercover FBI work, cryptocurrency monitoring, and even old-school e-mail proof, all of which helped monitor probably the most well-known figures on cybercrime boards.
