RaidForums domain seized: market for stolen data taken down, admin arrested

FBI and Europol took down the operations of the largest hacking forum for selling stolen information

RaidForums was taken down after years of operating as the largest marketplace for breached data

The stolen data market RaidForums has been taken down and its domain seized, while the suspected administrator waits in the UK for a decision on his extradition to the US. The famous market for stolen information was active for six years and has now been shut down.[1]

The founder and admin, Diogo Santos Coelho, was arrested in the UK earlier this year. The 21-year-old used the moniker Omnipotent and, according to the publicly released indictment, he is waiting for the outcome of UK legal proceedings. The hacker might be extradited to the United States.[2]

The notorious forum is the largest market for stolen data in the world. The platform was used to sell access to hacked personal information belonging to various users. The cybercrime website seizure involved authorities from the US, UK, Portugal, Romania, and Sweden.

The announcement from the Department of Justice reports on the latest massive sweep by the US government and its international law enforcement partners. RaidForums, at some point, had 10 billion pieces of personally identifiable information for sale.[3]

The hacker was accused of operating middleman services

Diogo Santos Coelho, aka Omnipotent, the chief administrator of the major site, was apprehended on January 31st and is waiting for extradition. His charges include conspiracy, access device fraud, and aggravated identity theft. Besides charging him with creating and monitoring the software and computer infrastructure, the Justice Department lists additional accusations.

The hacker is accused of acting as a fee-based middleman who helped facilitate transactions on the malicious platform.[4] It is believed that the service enabled purchasers and sellers to verify the means of payment for contraband files prior to the transaction. This was the method of creating confidence among the parties to these transactions.

Database or repository of personal information

The site was launched in January 2015, and it offered a database of compromised data. The information amounted to more than 10 billion unique records of individuals in the US and abroad. These databases mainly stored credit card details, bank account numbers, social security numbers, and the usernames and passwords needed to access various online accounts.[5] Such information can be obtained via data breaches and exploits carried out in recent years.

This marketplace had made a name for itself by selling access to high-profile database leaks belonging to a number of U.S. corporations across different industries

The seizure of RaidForums occurred on February 25th, and the online marketplace went offline, implying that law enforcement had accessed the infrastructure. Besides operating as a database and marketplace for stolen information, the site had different subscription tiers. This was the way to profit from the sales of confidential and sensitive information.

The monetization method entailed the use of credits, which members spent to unlock such privileges and access to other compromised databases. Cybercriminals were able to earn credits in other ways on RaidForums. Hackers had the opportunity to post guides teaching other criminals to commit illegitimate acts. This seizure is the result of long investigations and steps taken by law enforcement to crack down on these cybercriminals.

About the author
Gabriel E. Hall

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.
