International law enforcement raided and shut down one of the world's largest hacking forums, RaidForums, known for selling access to hacked user data.
Authorities from the United States, the United Kingdom, Sweden, Portugal and Romania were involved in the seizure of a cybercrime website dubbed Tourniquet that was seized at the administrator's home in Croydon, England, last month.
Three domains linked to the illegal market were seized: "raidforums[.]com," "Rf[.]ws," and "Raid[.]lol."
"Omnipotent," the company's founder and CEO, was arrested on January 31 in the United Kingdom and is awaiting extradition to the United States. Conspiracy, access device fraud, and aggravated identity theft are among the charges against Santos Coelho.
Santos Coelho, a 21-year-old Portuguese national, was accused by the U.S. Justice Department (DoJ) of operating a fee-based middleman service to facilitate transactions on the platform.
Before completing a purchase or a sale, the DoJ noted that, "to build trust between transacting parties, the Official Middleman service allowed purchasers and sellers to verify the means of payment and contraband files being sold."
RaidForums had more than 500,000 users since its launch in January 2015, with the storefront offering for sale databases of pilfered data containing more than 10 billion unique records of individuals in the United States and abroad.
To access online accounts, these databases contained personal details such as credit card details and bank account information as well as the usernames and passwords associated with them.
A number of high-profile U.S. company database leaks had been sold through this marketplace, according to the agency, which said it had "made a name for itself." In recent years, data breaches and other exploits have yielded these datasets.
"Raid" in RaidForums reflects its early beginnings as a hub for organizing various forms of electronic harassment, such as "raiding," which refers to a form of targeted harassment by posting an overwhelming volume of messages to a victim.
It is claimed that RaidForums went offline on February 25, 2022, nearly two weeks after the online marketplace was plagued by database errors and outages between February 7 and 12, implying that law enforcement officials had access to the infrastructure for several weeks.
When Omnipotent supposedly went on vacation between January 31 and February 7, the day of the recent outage, a cybersecurity company called Flashpoint noted at the time.
"Omnipotent did not respond to inquiries about the outage after it was restored on February 12th. The site owner was also not active until the alleged seizure on February 25, according to the information available."
Additionally, RaidForums relied on various subscription tiers (i.e., free, VIP, MVP, and God) in order to profit from the sales of confidential and sensitive information. As an additional method of revenue generation, members could purchase credits that would grant them access to the infiltrated databases.
RaidForums also allowed cybercriminals to earn credits by posting instructions on how to commit illegal acts, according to the DoJ.
As law enforcement has taken a series of steps to crack down on cybercrime over the past year, the demise of RaidForums comes to an end. This past week, German and U.S. authorities shut down Hydra, a Russia-based dark web marketplace that has been linked to $5 billion worth of transactions since 2015.
Targeting forums that host large amounts of stolen data is a good way to keep cybercriminals on their toes, according to Edvardas ileris, head of Europol's European Cybercrime Centre.
Post a Comment
Your suggestions and comments are welcome