RaidForums Hacking Marketplace Seized
Europol’s Operation TOURNIQUET was successful in taking down one of the most notorious hacking marketplaces, RaidForums. Its infrastructure was seized during the major cross-border law enforcement operation, according to Europol. The operation was a collaborative effort between the European police force, the US, UK, Sweden, Portugal, and Romania. In addition to taking down the forum, one of its administrators and two of his accomplices were captured and arrested. The operation was conducted after a year of collaborative planning and information-sharing between investigators and officers across the different police forces within the Joint Cybercrime Action Taskforce framework.
The information-sharing system enabled security forces to paint a clear picture and establish the roles of different actors within the marketplace, such as administrators, money launderers, users, sellers, and buyers. RaidForums was launched in 2015 and is believed to be one of the world’s largest hacking forums, boasting more than 500,000 users. Everything from credit card details to bank account numbers to usernames and passwords is sold on the forum. Examples of data offered for sale on the site included 40 million user records stolen from the popular mobile app Wishbone and the personal details of hundreds of thousands of individuals who tested for Covid-19 in 2020.
The DoJ is charging its founder, 21-year-old Portuguese citizen Diogo Santos Coelho, on six criminal counts, including conspiracy, access device fraud and aggravated identity theft.
U.S. law enforcement has shut down one of the largest cybercriminal online forums in the world and revealed the charges its Portuguese founder will face in federal court. However, the takedown is likely to only be a temporary blow to hackers, who will find other ways of buying and selling data stolen in cyber-attacks, security professionals noted.
The Department of Justice (DoJ) unveiled Tuesday that it has seized three domains to effectively shut down the RaidForums website, a major English-language online marketplace for cybercriminals to buy and sell databases stolen from organizations in ransomware and other cyber-attacks. The domains seized by the feds after obtaining judicial authorization were “raidforums.com,” “Rf.ws,” and “Raid.lol,” according to a press release published Tuesday.