U.S. federal prosecutors have charged a 25-year-old British man, Kai West, with allegedly masterminding a major international cybercrime operation that caused over $25 million in damages to victims. West, who allegedly went by the names “IntelBroker” and “Kyle Northern,” is believed to have breached dozens of organizations to acquire and sell confidential information.
French authorities apprehended West in February 2025. He is facing four federal counts, including conspiracy to commit wire fraud and unauthorized access to protected networks.
According to the indictment unsealed by the U.S. Attorney’s Office for the Southern District of New York, West is accused of launching the hacking campaign under the IntelBroker moniker in December 2022 and continuing for more than two years. He also coordinated with a group referred to in court documents as “CyberN[——]” and allegedly infiltrated the systems of over 40 victims.
Targets included a U.S. telecommunications provider, a municipal healthcare organization, and an internet service provider. Investigators say West primarily accepted payments in Monero, a cryptocurrency that consoles transaction details to protect user anonymity.
IntelBroker is alleged to have sold stolen data at least 41 times and, from 2023 to 2025, shared it for free or swapped it for forum credits in another 117 instances.
Tracing the hacker’s digital footprints
Court records detail how FBI agents linked West to the IntelBroker identity. In one undercover operation, investigators paid $250 in Bitcoin to obtain stolen data through the hacking marketplace BreachForums. The wallet used in that transaction was traced to an account on Ramp registered to West, verified by a UK driver’s license.
Further investigation revealed that the same email address connected to the Ramp profile was later found linked to a Coinbase account created under the Kyle Northern alias. That email account contained personal details, including university emails and a copy of his driver’s license.
According to the FBI, West also viewed YouTube videos showcasing his own attacks and shared them through his IntelBroker forum profile.
“This action reflects the FBI’s commitment to pursuing cybercriminals around the world,” said U.S. Attorney Jay Clayton. “New Yorkers are all too often the victims of intentional cyber schemes and our office is committed to bringing these remote actors to justice.”
FBI Assistant Director Christopher G. Raia added, “Today’s announcement should serve as a warning to anyone thinking they can hide behind a keyboard and commit cyber-crime with impunity.”
Arrests in France connected to West
Separately, French law enforcement arrested four individuals suspected of managing BreachForums. Known online as “ShinyHunters,” “Hollow,” “Depressed,” and “Noct,” the group allegedly facilitated many of West’s transactions.
West is currently being held in France, pending a decision on his extradition to the US. If convicted of the most serious charges, he could face up to 20 years in prison.
Authorities emphasized that the investigation is still underway, and the charges remain allegations at this stage. As stated in the U.S. Attorney’s release: “The charges contained in the Indictment and Complaint are merely accusations, and the defendant is presumed innocent unless and until proven guilty.”
Read TechRepublic’s report on how North Korean hackers used deepfake Zoom calls to steal cryptocurrency from unsuspecting victims.
