RaidForums hacking forum seized by police, owner arrested

Representational image of a cybercriminal
Image Credit: Pixabay (Image credit: Pixabay)

A popular dark web forum has been seized by the authorities, and its founder and admin, arrested and charged. 

As reported by the U.S. Department of Justice (DoJ), the country’s law enforcement agencies recently obtained a court order to seize RaidForums.com, RF.ws, and Raid.lol domains, which were hosting the RaidForums underground marketplace for stolen sensitive data and other contraband.

According to the announcement, from 2016 until February 2022, RaidForums was used to sell sensitive personal and financial information of US citizens, including stolen bank routing and account numbers, credit card information, login credentials, and social security numbers.

TechRadar needs you!

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window <<

Owner arrested in the UK

“Hundreds” of databases, with more than 10 billion unique records, were sold on the forum before being taken down, the DoJ claims. 

Besides being used to sell stolen data, the forum was allegedly also used to organize different forms of electronic harassment, including “raiding” and “swatting”. 

The forum’s founder and chief administrator, a 21-year-old Diogo Santos Coelho, of Portugal, was arrested in the UK at the US’ request. He is currently in custody, pending the resolution of his extradition.

Coelho is being charged with six counts, including conspiracy, device access fraud, and aggravated identity theft. As an admin, he allegedly designed and administered the forum’s software and infrastructure, set up and enforced rules, as well as created and managed different sections of the website.

Coelho profited from the website in more ways than one, including selling different membership tiers that offered greater access and features. He also sold “credits” which provided members access to privileged areas of the website.

He also personally sold stolen data and acted as a trusted middleman, through a service called “Official Middleman”. In the service, Coelho allegedly verified the customers’ means of payment, as well as contraband files being sold.

It’s also worth mentioning that he wasn’t working alone - the site has had more administrators.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.