US Law enforcement has shut down one of the largest cybercriminal marketplaces in the world used to sell sensitive data to the highest bidder.
RaidForums has had its domains seized and the founder and chief administrator Diogo Coelho faces charges of conspiracy, access device fraud, and aggravated identity theft among others. The Department of Justice (DoJ) revealed the 3 domains they seized were “raidforums.com”,”rf.ws” and “raid.lol”
RaidForums is synonymous among the hacker world with attackers from all over the world using the marketplace to buy, sell, and trade tools and sensitive data they have obtained like passwords and stolen payment details. The marketplace had a membership system with escalating features the more you pay, all the way up to “God” membership. It also has a credits system, you can earn credits by posting instructions on how to commit some fraudulent actions or by buying them. These credits gave users access to privileged areas of the website with financial information, credentials, and personal information on millions of victims.
RaidForums and its employees would operate as a “trusted middleman” between buyers and sellers. Kind of like eBay but for hackers. RaidForums would facilitate the sale, ensure both parties get what they want, and take a cut of the final fee.
The founder of RaidForums, Diogo Coelho, is facing a six-count indictment as he was, along with the help of co-conspirators, designed and administered the platform and its software as well as its infrastructure. Coelho also personally sold stolen data on the platform.
“The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information,” said Assistant Attorney General Kenneth A. Polite, in a press release.