[German]Europol has struck another blow against cyber criminals. The European police agency, together with other police agencies, has succeeded in shutting down RaidForums, one of the largest hacker forums in the world. The underground forum, founded in 2015, probably has more than half a million users, who supplied themselves with data from leaks (credit card or bank data, online access data, etc.). Charges have already been filed against the initiators.
Advertising
The seizure of the infrastructure of the illegal marketplace "RaidForums" and its decommissioning by an operation TOURNIQUET (hub) coordinated by Europol was announced for April 12, 2022 in The Hague. In the meantime, the domain in question shows the following representation with the seizure notice.
RaidForums seize note
Operation TOURNIQUET was a complex law enforcement operation coordinated by Europol to support independent investigations by the United States, the United Kingdom, Sweden, Portugal, and Romania. The following authorities participated in this investigation:
Sweden: Swedish Police Authority (Polisen).
Romania: National Police (Poliţia Română).
Portugal: Judicial Police (Polícia Judiciária)
Germany: Federal Criminal Police Office (BKA)
United States: U.S. Secret Service (USSS), Federal Bureau of Investigation (FBI), Internal Revenue Service Criminal Investigation (IRS-CI).
United Kingdom: National Crime Agency (NCA)
Europol: European Cybercrime Centre (EC3), Joint Cybercrime Action Taskforce (J-CAT).
As a result, not only was the infrastructure seized and the illegal marketplace "RaidForums" shut down. Three domains hosting RaidForums were seized: "raidforums.com," "Rf.ws," and "Raid.Lol." The administrator of the forum and two of his accomplices were also arrested. The U.S. Department of Justice reports here that the administrator and founder of RaidForums, Diogo Santos Coelho from Portugal (alias Omnipotent) was already arrested on January 31, 2022 in the United Kingdom and is now facing trial. He has been in custody since that date pending his extradition proceedings to the United States. The U.S. Department of Justice plans to charge the man in the U.S. state of Virginia. The Portuguese man is only 21 years old, and was only 14 years old the year RaidForums was founded, writes Bleeping Computer here.
Advertising
RaidForums foundet 2015
RaidForums was founded in 2015 and was considered one of the largest hacker forums in the world with over half a million users. This marketplace was well-known among cyber criminals as it sold access to high-profile database leaks that affected a number of US companies from various industries. The illegal marketplace sold information on millions of credit cards, bank account numbers and routing numbers, as well as usernames and associated passwords needed to access online accounts. These records came from data breaches and other attacks carried out in recent years.
The operator and its administrators charged members ascending prices depending on the level of membership. The higher the membership price, the better the access to the databases and more features were unlocked.
Take down after one year
The take down was the culmination of a year of careful planning between the participating law enforcement agencies to prepare for the operation. The partners worked closely together through the Joint Cybercrime Action Taskforce (J-CAT), based at Europol, to identify key targets and establish a coordinated strategy in preparation for the final phase of the investigation. This intensive exchange of information allowed investigators to define the different roles of the targets in this marketplace, i.e., the administrator, the money launderers, the users responsible for stealing/uploading the data, and the buyers.
