Police Shut Down RaidForums Hackers
One of the world’s most notorious DarkNet hacking marketplaces, RaidForums, has been shut down and its infrastructure seized in a major cross-border law enforcement operation. The RaidForums hacker forum is used by cyber criminals to primarily buy and sell stolen databases.
RaidForums' UK-based founder Diogo Santos Coelho has been arrested in the UK and could be extradited to the US on charges of conspiracy, access device fraud, and aggravated identify theft.
Operation TOURNIQUET, which was coordinated by Europol in support of the independent investigations of the US, UK, Sweden, Portugal and Romania, also led to the arrest of the RaidForums’ administrator and two of his accomplices.
The operation was conducted after a year of collaborative planning and information-sharing between investigators and officers across the different police forces within the Joint Cybercrime Action Taskforce framework. The information sharing system enabled security forces to paint a clear picture and establish the roles of different actors within the marketplace, such as administrators, money launderers, users, sellers, and buyers.
RaidForums was launched in 2015 and is believed to be one of the world’s largest hacking forums, boasting more than 500,000 users. Everything from credit card details to bank account numbers to usernames and passwords is sold on the forum.
One such example for sale on the site was 40 million user records stolen from popular mobile app Wishbone and the personal details of hundreds of thousands of individuals who tested for Covid-19 in 2020.
The Head of Europol’s European Cybercrime Centre, Edvardas Šileris, commented. “Disruption has always been a key technique in operating against threat actors online, so targeting forums that host huge amounts of stolen data keeps criminals on their toes. Europol will continue working with its international partners to make cybercrime harder, and riskier, to commit.”
Europol have begun a major new operation designed to crack down on Russian oligarchs and businesses attempting to circumvent sanctions in the wake of the Russian invasion of Ukraine. Operation Oscar will run for at least a year as an umbrella initiative that will feature many separate investigations, Europol explained. The policing organisation’s European Financial and Economic Crime Centre will work to exchange information and intelligence with partners and provide operational support in financial crime investigations.
RaidForums gained prominence in criminal circles by offering access to high-profile database leaks, which could be used to enable crimes like fraud.
According to the threat intelligence firm Recorded Future, the site contained more than 530,000 registered members and was a powerful tool among low to mid-level cyber-criminals. The compromised data, which hackers bought and sold, included information stolen from UK companies, some of which related to credit cards, bank accounts, usernames and passwords.
Europol: Recorded Future: Oodaloop: Infosecurity Magazine: ZDNet: The Record:
You Might Also Read:
What Goes On In The Dark Web?: