End clap for “RaidForums”, considered one of the biggest hacker forums. Police forces in six countries — the United Kingdom, the United States, Germany, Portugal, Romania and Sweden — have indeed succeeded in dismantling this site on which one could not only glean advice on hacking, but also buy stolen data. . And not just a little.
According to the United States Department of Justice, it was enough to go to the sub-forum Leaks Market to have access to “hundreds of databases containing over 10 billion unique records”. The site, which had more than 500,000 users, even offered an intermediation service called Official Middleman to secure transactions. More anecdotally, RaidForums was also used to practice swattingthat is to say to trap Internet users by sending them special forces.
Created in 2015, this well-oiled business was led by a 21-year-old Portuguese, Diogo Santos Coelho alias Omnipotent, who was its chief administrator. He was arrested on January 31 in the United Kingdom, along with two of his acolytes. On this occasion, the police seized 5,000 English pounds and thousands of dollars in cash, as well as cryptocurrency worth more than half a million dollars.
Coordinated internationally by Europol, this police operation was codenamed Turnstile. It is the result of a long investigation whose starting point is in June 2018.
According to KrebsOnSecurity, Diogo Santos Coelho then landed at Atlanta airport and was searched. On his computer equipment, the agents would have found files and messages showing that he was the Omnipotent administrator, of RaidForums.
Also see video:
According to FlashPoint analysts, the dismantling operation started on February 25, when one of the administrators of RaidForums alerted users on Telegram.
In reality, the latter have already been on the alert since February 7, when the site mysteriously crashed for five days. It is likely that law enforcement had access to the site since then. In any case, a police investigator confirmed with KrebsOnSecurity that RaidForums was secretly operated by law enforcement. ” during weeks “, presumably to collect user information. Which promises some subsequent twists.
Sources : Europol, DoJ, NEC, KrebsOnSecurity, flash point