• Mon. Oct 16th, 2023

Data From Users of RaidForums Was Posted Online a Year After the DOJ Takedown

Avatar photo

ByEsme Greene

Aug 16, 2023
RaidForums user data online post-DOJ takedown
Esme Greene
Latest posts by Esme Greene (see all)

Security experts referred to the exposed forum as “wanting to fill the void” left by BreachForums’ recent closure when they said that the leaked database was uploaded there. The claimed RaidForums user data, which allegedly contains the information on 478,000 members, including their usernames, emails, hashed passwords, and registration dates, was shared online by an Exposed admin identified as “Impotent.”

The admin’s message states that “all of the raidforums users may have been infected.” At the time of its closure last year, RaidForums had about 550,000 users.

What is Known About the Breach

Although it’s unknown how many individuals’ information were removed from the breach or why, the admin also mentioned that certain users’ details had been changed. Following the seizure of RaidForums by American authorities, the leaked material is probably already in the hands of law enforcement, but it might be useful to security experts looking into the forum’s earlier conduct.

One of the biggest hacking communities in the world, RaidForums debuted in 2015. Cybercriminals mostly utilized it to buy and sell stolen datasets. This comprised millions of compromised T-Mobile user accounts as well as over a million passwords for the bitcoin wallet service Gatehub. The hacker forum was purportedly also utilized by the Lapsus$ hacking organization.

In April 2022, the US Department of Justice declared that as part of a global law enforcement operation, it has taken control of the RaidForums website and infrastructure. “Omnipotent,” the administrator of RaidForums, and two of his associates were also detained. Prosecutors said that hundreds of stolen data databases comprising more than 10 billion unique entries for people had been put up for sale before the forum was shut down.

Additionally, U.S. law enforcement authorities recently said that they had detained a guy who was allegedly “Pompompurin,” the administrator of the notorious BreachForums, which replaced RaidForums and had the same audience as it did. The website’s new administrator declared that the forum will be permanently closed a few days following the arrest.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.