Kai Logan West (born 1999 or 2000), known also by the online pseudonym IntelBroker, is a former black hat hacker who has committed several high-profile cyber attacks against large corporations and government agencies, with over 80 sales and leaks of compromised data having been traced to them.

IntelBroker first began activities in October 2021, hacking minor organizations, but gained notoriety in 2023 after an attack on the food delivery service "Weee!". They have been active on BreachForums, an online cybercrime forum, serving as its owner between August 2024 and January 2025.

IntelBroker's identity was revealed on June 25, 2025, as a result of his indictment and arrest.

After their initial string of attacks, IntelBroker was speculated to be a highly skilled team, possibly an Iranian Persistent Threat Group; however, an interview with The Cyber Express revealed that they were a single person. In another interview with the German podcast Inside Darknet, IntelBroker claimed that he was Serbian and resided in Russia for safety reasons.

IntelBroker has expressed that law enforcement assigns national affiliations to independent actors too quickly and that the media often cover or overlook cyberattacks selectively. In their interview with Inside Darknet, IntelBroker expressed a desire to one day manage a cybercrime forum. They told The Cyber Express that one of their hobbies is drinking and that "exploiting digital vulnerabilities" can be lucrative "all while operating within ethical and legal boundaries".

In 2023 IntelBroker joined the racist hacking group CyberNiggers on BreachForums and orchestrated the group's most significant cyberattacks during their tenure there. Similar attacks continued to be carried out by other members of the group before it became inactive. In August 2024 IntelBroker became the owner of BreachForums. They later resigned in January 2025, though the forum remains active.

IntelBroker has used a wide range of tactics to enter secured systems. After breaching their target, IntelBroker tries to establish persistent access by running unauthorized commands and manipulating system accounts. They may obfuscate malicious files or escalate their access privileges to make it difficult for security software to defend the compromised network effectively. IntelBroker typically tries to sell this access first, which can be used to facilitate other malicious activities. Eventually they may also attempt to expand their access using compromised credentials, discover and extract more of the victim's data in order to sell them on the black market such as BreachForums.

IntelBroker created a unique ransomware strain written in C# known as Endurance, and published its source code publicly on his GitHub page. While labeled as ransomware, the software overwrites and then deletes all targeted files. Endurance was confirmed by the Department of Defense Cyber Crime Center (DC3) to have been used by IntelBroker to hack several U.S. government agencies. They speculated that Endurance was related to the Shamoon wiping software sometimes used by Iranian Hackers, which IntelBroker has denied. After 2023 IntelBroker no longer appears to be engaged in ransomware activities.