The US And Europe Just Seized This Popular Hacker Website

An alliance of several global law enforcement agencies, including the Federal Bureau of Investigation (FBI), Secret Service, the UK's National Crime Agency, Europol, and others, recently led an operation to capture the web domain owned by RaidForums. Often described as one of the largest hacker forums in the world, hosted a message board system where malicious parties could buy, sell, and trade hacked and stolen data from major breaches, including the recent T-Mobile data leak made public in 2021.

A banner on the website now shows that it has been "seized by the Federal Bureau of Investigation, the United States Secret Service, and the Department of Justice." The banner also declares a set of other agencies that were part of the takedown, including the Internal Revenue Service (IRS) and law enforcement organizations from Germany, Portugal, Romania, Sweden, and the UK. Meanwhile, Diogo Santos Coelho, the 21-year-old owner and administrator of RaidForums, was arrested in the UK earlier this year and is currently in the custody of the authorities, with extradition proceedings pending against him.

RaidForums used by leading global hacking organizations

RaidForums originated in 2015 and was initially prowled by primitive hackers who would usually exchange databases with usernames and passwords obtained from low-level security breaches worldwide. Security researcher Brian Krebs notes the website as a place to organize "electronic harassment" through activities such as targeted raiding and swatting. Krebs also writes that with the increasing demand, RaidForums became the "go-to place for English-speaking hackers to peddle their wares." Vice reports that with its deepening roots, the website was also used by major hacking groups, including LAPSUS$, which has stolen data from prominent platforms including EA, Microsoft, NVIDIA, Samsung, and Vodafone.

Coelho, known by his administrator persona, "Omnipotent," is reported to have primarily benefited by selling different ranks of forum membership, including "MVP" and "God," in exchange for cryptocurrencies. He would also reportedly offer fee-based service to liaise between parties selling and buying breached data.

The Department of Justice, in its announcement, said RaidForums had more than ten billion records of people living in and outside of the US. Meanwhile, in a separate statement, Europol said that the website had more than half a million users.

Site admin indicted with fraud and conspiracy charges

According to the official indictment filed against Coelho, the investigation was piloted by an undercover agent who used RaidForums' credit system trying to buy data from the website. The charges also read that besides providing information about the stolen data to the officer, Coelho also acted as a middleman in the exchange. The 21-year-old hacker has been charged with serious identity theft, international fraud, and conspiracy.

According to Krebs, Coelho first came under the radar of the US law enforcement agencies in June 2018 at the Hartsfield-Jackson International Airport in Atlanta, Georgia. Upon his arrival in Atlanta, Coelho's electronic devices were frisked, and government agencies found messages, emails, and files referring to him by his RaidForums handle. Later that year, Coelho tried to contact the authorities, asking them to return his belongings, using the same email ID used to register URL names and, both of which were used as backup domains for RaidForums. Since February 2022, all known domains associated with RaidForums have been seized and controlled by the FBI.