Do Son 
Following a high-profile FBI raid earlier this year, the infamous hacker forum Cracked.io has resurfaced under a new domain, retaining its original slogan. Thousands of both returning and new users have already registered on the restored platform.
On April 11 at precisely 6:01 PM Eastern Time, the forum’s new domain, Cracked.sh, officially announced its comeback. The post introduced a new administrator operating under the alias @Liars. “January 29, 2025, marked a very dark day in our history. It took us weeks to process what had happened and decide how and when to move forward. We are grateful to everyone who patiently waited for Cracked’s return,” the moderators wrote.
The site’s technical team successfully restored a backup from January 25. They are currently working on refining the “shoutbox” chat system and have promised to resolve all remaining issues in the coming days. As of April 11, the platform boasts 4.7 million registered users, one million threads, and over 36 million posts.
To recap, on January 29, 2025, the FBI conducted a sweeping operation codenamed “Operation Talent.” The raid resulted in the takedown of four major platforms: Cracked, Nulled, MySellIX, and StarkRDP. At the time their servers were seized, the two largest—Cracked.io and Nulled.to—had nearly nine million users. These sites were known for trafficking stolen data, hacking tools, and compromised credentials.
The MySellIX.io platform was used by Cracked administrators for payment processing, while the hosting provider StarkRDP.io had become a go-to service among cybercriminals. In their statement, Cracked’s new administration assured users that the servers were encrypted, preventing law enforcement from accessing messages or passwords.
Moderators also cautioned that despite enhanced security measures, there is no absolute guarantee against future raids, especially in the open web. Users were advised to change their passwords or delete private messages if necessary. Customers who made purchases between January 25 and 29 were instructed to contact @Liars for service restoration. A new payment system is expected to be operational within the week.
Such resurrections are not uncommon in the hacker forum ecosystem. The notorious BreachForums platform, for instance, experienced several revivals after the March 2023 arrest of its 20-year-old founder, Conor Brian Fitzpatrick, in New York. After the initial FBI takedown, the site was briefly revived by a new administrator, Blaphomet, only to be shuttered again in May 2024.
In summer 2023, the vx-underground repository reported that the forum had been seized by the prominent hacking group ShinyHunters. Yet within a month, rivals breached their database and leaked it online. In 2024, both ShinyHunters and the notorious actor USDoD announced the launch of a third iteration of the platform. Both are believed to have ties to major breaches involving Microsoft, AT&T, and T-Mobile.
Currently, BreachForums operates under a new domain, reportedly under ShinyHunters’ control. As for former administrator Conor Fitzpatrick, he secured a favorable plea deal in 2024—avoiding prison time in exchange for 20 years under supervised release.
