April 12, 2022
Global operation takes down hackers' leaked data market
Western law enforcement agencies have dismantled an online marketplace used to buy and sell hacked and stolen personal data belonging to millions of people, and have brought criminal charges against the platform's founder and chief administrator, officials announced Tuesday.
Authorities say the RaidForums website trafficked in hundreds of databases of sensitive data, including credit card and Social Security numbers and bank account information, that had been hacked or stolen from victims.
In addition to seizing three domains that hosted the website, officials have also arrested 21-year-old Diogo Santos Coelho of Portugal, who prosecutors say controlled and administered the platform between 2015 and this past January, when he was taken into custody in the United Kingdom.
The U.S. is seeking his extradition to federal court in Alexandria, Virginia, on charges including conspiracy, access device fraud and aggravated identify.
"The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information," said Assistant Attorney General Kenneth A. Polite Jr., head of the Justice Department's criminal division, said in a statement.
The site, founded in 2015, offered special access and features for members willing to pay—including a "God" membership that prosecutors say enabled nearly unlimited access. The site also sold "credits" to members that enabled them to download means of identification and information from stolen databases, and also allowed them to earn credits by posting instructions on how to commit illegal acts, according to an indictment.
"Disruption has always been a key technique in operating against threat actors online, so targeting forums that host huge amounts of stolen data keeps criminals on their toes," said Edvardas Šileris, head of Europol's European Cybercrime Centre. "Europol will continue working with its international partners to make cybercrime harder—and riskier—to commit."
The FBI and Justice Department and other Western law enforcement agencies, including Europol and agencies in Sweden, Portugal, Germany and the UK, were involved in the operation.
Alex Holden, the founder of Hold Security, said RaidForums was the largest English-speaking forum and marketplace for cybercrooks and its takedown will be "a major problem for the bad guys who trade based on their reputation."
But as the criminals migrate to different forums, he said, "they will have to mark their territory, assert their position, which only means more breaches" and more online dumping of stolen data.
© 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.