The US Department of Justice announced the seizure of the RaidForums’ website and the founder/administrator has been arrested. RaidForums was a hacker forum that served as a major online marketplace for cybercriminals to buy and sell hacked or stolen information.
The forum contained databases full of hacked and stolen information, including personal and financial information, including:
- Stolen bank routing and account numbers
- Credit card information
- Login credentials
- Social security numbers
The stolen data contained more than 10 billion unique records.
RaidForums also operated as an online venue for organizing and supporting forms of electronic harassment, such as:
Posting or sending an overwhelming volume of contact to a victim’s online communications medium
Make false reports to public safety agencies of situations that would necessitate a significant, and immediate armed law enforcement response
RaidForums had a number of ways in which they would profit off of the activities taking place. Users were charged escalating prices for membership tiers including a top-tier “God” status. Credits were sold that provided members access to privileged areas of the website and enabled members to unlock and download stolen financial information, means of identification and data from compromised databases. Credits could also be earned through other means such as by posting instruction on how to commit certain illegal acts.
The Administrator of the site has been charged with conspiracy, access device fraud and aggravated identity theft in connection with his role as Administrator.
The Administrator and his co-conspirators are alleged to have:
- Designed and administered the platform’s software and computer infrastructure
- Established and enforced rules for its users
- Created and managed sections of the website dedicated to promoting the buying and selling of contraband.
On top of this the Administrator also:
- Personally sold stolen data on the platform
- Directly facilitated illicit transactions by operating a fee-based “Official Middleman” service
Online anonymity was not able to protect the Administrator and will not protect other online criminals either. The takedown of the forum disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information.
Read more about cybersecurity here.