2 min read

RaidForums hacking site shut down by police, alleged admin arrested


April 13, 2022

Promo Protect all your devices, without slowing them down.
Free 30-day trial
RaidForums hacking site shut down by police, alleged admin arrested

One of the world’s largest hacker forums, which has been operating since 2015 helping cybercriminals sell and purchase the hacked personal data of millions of innocent people, has been taken down by the police.

The US Department of Justice has announced that it has seized the RaidForums online marketplace, and arrested its alleged founder and administrator.

Visitors to domains that have long hosted the RaidForums website will now be greeted with the following message:

The domain for RAIDFORUMS has been seized by the Federal Bureau Investigation, the United States Secret Service, and the Department of Justice in accordance with a seizure warrant issued pursuant to 18 U.S.C. 55 981, 982, inter alia, by the United States District Court for the Eastern District of Virginia as part of law enforcement action taken in parallel with Europol's Joint Cybercrime Action Task Force, the United Kingdom's National Crime Agency, the Swedish Police Authority, the Romanian National Police, the Internal Revenue Service Criminal Investigation and other international law enforcement partners.

Court records unsealed yesterday reveal that a 21-year-old Portugese man, Diogo Santos Coelho, 21, was arrested in the United Kingdom on January 31st, at the request of United States law enforcement agencies.  Coelho remains in custody in the UK, while attempts are made to extradite him to face charges in a US court.

Two of Coelho's alleged accomplices have also been arrested.

The seizure of RaidForums will disrupt the site's many members, who used the platform to offer for sale hacked databases of personal and financial records for sale, as well as a venue for organising harrassment and "swatting" attacks against member of the public.

Coelho has been indicted on six counts of conspiracy, access device fraud, and aggravated identity theft.

RaidForums made money by charging users for membership of the site, and selling "credits" that could grant members access to more privileged areas of the site.  The highest tier of membership available on RaidForums was "God" status.

In addition, as the Department of Justice explains, users could earn additional credits through other means, "such as by posting instructions on how to commit certain illegal acts."

Coelho, who authorities claim used online handles such as "Omnipotent", "Downloading", and "Shiza", is alleged to have offered a fee-based "Middleman" service where he personally assist in the transactions between the person wanting to sell a hacked database and the person wishing to purchase it.

Authorities from around the world worked closely together in the investigation, which was given the name "Operation Tourniquet."

Of course, if Coelho was arrested in January and the authorities have only gone public with the closure of RaidForums now, one has to wonder what intelligence law enforcement agencies might have been gathering on the activities on RaidForums in the meantime.

Those who have used RaidForums for criminal purposes would be wise to sleep a little less easily in their beds tonight...




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like