Contents:
The RaidForums hacker site was largely used by cybercriminals to acquire and sell stolen datasets. The forum represented a database sharing and marketplace forum, that offered exclusive database breaches and leaks as well as an active marketplace.
What Happened?
As a result of Operation TOURNIQUET, a sophisticated law enforcement operation coordinated by Europol to assist independent investigations in the United States, the United Kingdom, Sweden, Portugal, and Romania, the unlawful marketplace ‘RaidForums‘ has been shut down and its infrastructure seized. The administrator of the forum, as well as two of his associates, have also been apprehended.
The Department of Justice today announced the seizure of the RaidForums website, a popular marketplace for cybercriminals to buy and sell hacked data, and unsealed criminal charges against RaidForums’ founder and chief administrator, Diogo Santos Coelho, 21, of Portugal. Coelho was arrested in the United Kingdom on Jan. 31, at the United States’ request and remains in custody pending the resolution of his extradition proceedings.
Court records unsealed today indicate that the United States recently obtained judicial authorization to seize three domains that long hosted the RaidForums website. These domains were “raidforums.com,” “Rf.ws,” and “Raid.lol.” According to the affidavit filed in support of these seizures, from in or around 2016 through February 2022, RaidForums served as a major online marketplace for individuals to buy and sell hacked or stolen databases containing the sensitive personal and financial information of victims in the United States and elsewhere, including stolen bank routing and account numbers, credit card information, login credentials and social security numbers.
As ZDNet reports, hundreds of stolen data databases holding more than 10 billion unique information for people had been offered for sale prior to the forum’s confiscation.
The global law enforcement operation, dubbed Operation Tourniquet, saw Europol, the UK National Crime Agency (NCA), the United States Justice Department, as well as law enforcement officials from Portugal, Sweden, and Romania, collaborate to shut down the RaidForums hacker forum and its associated servers.
The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information.
Officials from the various countries collaborated on this operation for at least a year under the auspices of Europol’s Joint Cybercrime Action Taskforce, where they exchanged information with one another to enable investigators to distinguish between the various roles played by the individuals in charge of running the marketplace, according to Europol.