- RaidForums have been doing illegal activities using people's data and selling them to third parties for criminal activities.
- The platform is a marketplace for selling and buying stolen information by English-speaking hackers.
- The DOJ has caught the administrator Santos Coelho in the UK. He now waits for the extradition hearing.
RaidForums is a website where English-speaking hackers peddle data collected illegally from internet users. The hackers sell this data to third parties who use them for terrible attacks against their targets. Also, the admins commit identity theft, conspiracy, and other unimaginable things.
The DOJ has revealed that the administrators have sold billions of consumer records. According to the Justice Department, hackers got this data in some of the largest data breaches since seven years ago. Meanwhile, the US DOJ has caught the RaidForums administrator Diogo Santos Coelho. He’s facing charges for these malicious activities, including identity theft and conspiracy.
The operation responsible for the raid is “Operation Tourniquet,” a joint investigation involving the UK NCA, Europol, US, and four other countries.
RaidForum illegal activities revealed
The forum didn’t start as a platform for selling data. It mainly focused on electronic harassment. The DOJ even confirmed that the platform engaged in raiding and swatting, which usually attracts the attention of law enforcement agencies on their target. In addition, the people behind RaidForum sometimes send false reports to safety agencies about their targets, thereby bringing down the force of the law against them.
But gradually, their attention shifted to data peddling since data breaches became a new normal. As a result, English-speaking hackers started using the platform as a marketplace to sell stolen data. The market for this dubious sale was tagged the “Leaks Market” on RaidForum. It was a place to transact in stolen databases & leaks.
According to the DOJ, the administrators made huge sums of money from this platform. They asked for accountable amounts for different membership plans offering different levels of features and access to their illegal products. One of the special membership statuses was “God,” the top-tier with wide access to stolen data.
Apart from membership subscriptions, users also buy credits to gain more access to certain privileges. Users with credits can access the financial information of different individuals, sensitive information, and other levels of data. If a member doesn’t have money for credits, they could teach how to commit an illegal act to earn credit.
Another way the admins made money was through the “Official Middleman.” This is an escrow system that users pay to use during transactions. This system serves as insurance to ensure that other criminals do not scam them during transactions.
According to the government, many federal agents working as undercover agents experienced the escrow system firsthand. For example, there was an incident where a company paid in Bitcoin to recover stolen sensitive information of its clients in the US. The hacker “SubVirt” had posted the sale of data belonging to at least 120M US residents. But afterward, he reduced it to 30M, and later T-Mobile announced a data breach affecting 40M customers. Even though the victim firm paid $200,000 in BTC, the hackers kept trying to sell the data.
The government involvement
On March 23rd, there was a report that the FBI had taken over RaidForums. Reports revealed that the government agency has been running the platform secretly. According to a reliable source, the RaidForums admin Coelho attempted to enter the US in 2018. When he got to the airport, the security agencies obtained a warrant and searched his electronic devices. Then they discovered his identity as the illegal platform’s admin called “Omnipotent.”
Coelho attempted to retrieve his devices by sending messages to the FBI agent in charge of his case. Unfortunately, he used the email addresses he had already shared on the platform as alternatives for RaidForums. This led to his arrest on January 31st in the UK. He has been in custody awaiting the extradition hearing.
Data breaches and internet privacy
The number of data breaches in recent times is alarming. Many people regularly expose themselves through the information they share online. Hackers and cybercriminals gather these pieces of data to form a pool of meaningful information base about different individuals. Afterward, they peddle people’s sensitive information to interested third parties for illegal activities.
Sometimes, those who buy this information use them for terrible attacks against the targets. They can use someone’s information to blackmail, demand ransom, doxing, identity theft, hacks, etc. That’s why internet privacy should be communal and not for one person. Every internet user should be more privacy savvy to protect himself from exploits.