The now-defunct RaidForums database has been released online, containing data on nearly half a million members
The personal information of nearly half a million users of the notorious hacking forum RaidForums has been leaked to the public, technology blog BleepingComputer confirmed Monday.
A SQL database containing registration information for 478,870 RaidForms members who joined the site between 2015 and 2020 — including usernames, emails, registration dates and hashed passwords — was posted by the forum’s administrators to a site called Exposed A newer hacker forum, ‘Incompetent,’ Monday.
Impotent tells BleepingComputer that although the user has been excluded from the database so that “Because there’s no drama,” 99% of the original content is still there. Only Exposed knew where the data came from, the administrator added Tuesday, but would not share any details, explaining that the database was not intended for the public, but Impotent decided to leak it anyway. Other members of Exposed have reportedly vouched for the legitimacy of the information.
Before it was seized by law enforcement last year, RaidForums was a popular exchange for hackers, fraudsters, scammers and cybercriminals of all kinds who would post hacked or stolen data to sell to others in the digital underworld. If no one buys what they offer, it’s usually leaked on RaidForums to boost the poster’s reputation.
Impotent’s handle is believed to be a tribute to RaidForums administrator Omnipotent, who was arrested in January 2022 and revealed to be 21-year-old Diogo Santos Coelho from Portugal as part of an international law enforcement operation called Operation TOURNIQUET involving US, UK authorities, Sweden, Portugal and Romania.
At the time of Coelho’s arrest, RaidForums had more than 500,000 active users and was used to trade hundreds of stolen data databases containing more than 10 billion unique identity records, according to the DOJ.
The site lasted another three months before it was finally shut down in April 2022 — with members noticing some safety red flags. As Russia’s military campaign in Ukraine begins, RaidForums has announced that it will ban any members known to have ties to Russia.
Last month, the Dutch National Police sent thousands of emails, mailed hundreds of letters, and even called former RaidForums members, warning them they were being watched and urging them to delete any stolen or transactional data they had. Officials obtained users’ identities by analyzing RaidForums databases such as the one leaked on Monday, which reportedly included IP addresses used for registration and login.
You can share this story on social media:
