Police Shut Down RaidForums Hackers

One of the world’s most notorious DarkNet hacking marketplaces, RaidForums, has been shut down and its infrastructure seized in a major cross-border law enforcement operation. The RaidForums hacker forum is used by cyber criminals to primarily buy and sell stolen databases.

RaidForums' UK-based founder Diogo Santos Coelho has been arrested in the UK and could be extradited to the US on charges of conspiracy, access device fraud, and aggravated identify theft.

Operation TOURNIQUET, which was coordinated by Europol in support of the independent investigations of the US, UK, Sweden, Portugal and Romania, also led to the arrest of the RaidForums’ administrator and two of his accomplices.

The operation was conducted after a year of collaborative planning and information-sharing between investigators and officers across the different police forces within the Joint Cybercrime Action Taskforce framework. The information sharing system enabled security forces to paint a clear picture and establish the roles of different actors within the marketplace, such as administrators, money launderers, users, sellers, and buyers.

RaidForums was launched in 2015 and is believed to be one of the world’s largest hacking forums, boasting more than 500,000 users. Everything from credit card details to bank account numbers to usernames and passwords is sold on the forum.

One such example for sale on the site was 40 million user records stolen from popular mobile app Wishbone and the personal details of hundreds of thousands of individuals who tested for Covid-19 in 2020.

The Head of Europol’s European Cybercrime Centre, Edvardas Šileris, commented. “Disruption has always been a key technique in operating against threat actors online, so targeting forums that host huge amounts of stolen data keeps criminals on their toes. Europol will continue working with its international partners to make cybercrime harder, and riskier, to commit.”

Europol have begun a major new operation designed to crack down on Russian oligarchs and businesses attempting to circumvent sanctions in the wake of the Russian invasion of Ukraine. Operation Oscar will run for at least a year as an umbrella initiative that will feature many separate investigations, Europol explained. The policing organisation’s European Financial and Economic Crime Centre will work to exchange information and intelligence with partners and provide operational support in financial crime investigations.

RaidForums gained prominence in criminal circles by offering access to high-profile database leaks, which could be used to enable crimes like fraud.

According to the threat intelligence firm Recorded Future, the site contained more than 530,000 registered members and was a powerful tool among low to mid-level cyber-criminals. The compromised data, which hackers bought and sold, included information stolen from UK companies, some of which related to credit cards, bank accounts, usernames and passwords.

Europol:     Recorded Future:    Oodaloop:     Infosecurity Magazine:      ZDNet:      The Record

You Might Also Read: 

What Goes On In The Dark Web?:

 

« Microsoft Removes Domains Used For Cyber Attacks On Ukraine
Software Industry Mergers and Acquisitions 2022 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Bishop Fox

Bishop Fox

Bishop Fox is a leading authority in offensive security, providing solutions ranging from continuous penetration testing and attack surface management to product and application security assessments.

FireMon

FireMon

FireMon is the only agile network security policy platform for firewalls and cloud security groups providing the fastest way to streamline network security policy management.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

CETIC

CETIC

CETIC is an applied research centre in the field of ICT. Key technologies include Big Data, Cloud Computing, the Internet of Things, software quality, and trust and security of IT systems.

Featurespace

Featurespace

Featurespace is a world-leader in Adaptive Behavioural Analytics and creator of the ARIC platform for fraud and risk management.

CS3STHLM

CS3STHLM

CS3STHLM is the Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems.

Titans24

Titans24

Titans24 is a Software-as-a-Service security platform for web applications. It prevents attacks on business websites that are protected under 11 cyber-security layers.

Shearwater Group

Shearwater Group

Shearwater Group is an award-winning organisational resilience group that provides cyber security, advisory and managed security services to help secure businesses in a connected global economy.

BlackDice Cyber

BlackDice Cyber

Threat Intelligence is only part of the solution. Our solution matches threats to vulnerabilities and automatically takes remedial action against compromised apps, devices and websites.

Cyber Dacians

Cyber Dacians

Cyber Dacians offers Information and Cyber Security Consulting Services. We help you to test the effectiveness of your security defenses and build a secure infrastructure.

Xperience

Xperience

Xperience solves our clients’ toughest challenges by delivering business efficiency through digital transformation solutions across cloud, managed IT, CRM and ERP.

Involta

Involta

Involta orchestrates IT transformation journeys using well-defined and rigorous processes to deliver hybrid cloud solutions, consulting and data center services tailored to our clients’ needs.

Aunalytics

Aunalytics

Aunalytics is a data platform company that delivers insights as a service to answer your most important IT and business questions.

CYGNVS

CYGNVS

CYGNVS is a guided cyber crisis response platform providing anytime, anyplace access. A SaaS platform for cyber crisis management – a safe way to connect and control your response.

Sababa Security

Sababa Security

Sababa Security is the first Italian innovation cyber security vendor, that provides security products, training, and managed services to protect diverse IT and OT environments.

Nicos AG

Nicos AG

Nicos AG specializes in secure, global data communication.