The Feds Just Shut Down One of the Web’s Biggest Hacker Marketplaces

The Feds Just Shut Down One of the Web’s Biggest Hacker Marketplaces
Photo: Andrew Brookes, Getty Images

U.S. authorities have announced the shutdown of another enormous cybercrime hub amid an ongoing wide crackdown on illicit sites. The Justice Department said Tuesday that it had officially shuttered RaidForums, one of the largest dark web destinations for stolen data on the internet, and arrested its alleged operator.

The feds say that 21-year-old Diogo Santos Coelho, of Portugal, personally sold stolen data through the site while also acting as its “chief administrator.” Coelho (who went by the hacker moniker “Omnipotent”) allegedly operated RaidForums from 2015 through January of this year with the help of other, unnamed administrators, according to court documents. British police arrested Coelho in the United Kingdom on January 31 at the behest of the United States. He will remain in custody there until his extradition proceedings are worked out, officials said Tuesday.

“The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division on Tuesday.

The demise of RaidForums comes amid a cybercrime crackdown on the part of U.S. law enforcement. Last week, federal authorities helped shutter multiple other dark web crime sites, including Hydra, a large, Russian-language market known for drug sales and money laundering. U.S. authorities also recently worked together with police in Romania to facilitate the arrest of a number of a men accused of operating Besa Mafia, a long-running scam site offering phony “murder-for-hire” services. A botnet allegedly operated by the Russian hacker gang Sandworm was also disrupted by the FBI last Wednesday.

In addition to arresting Coelho, police also seized three domains and the user database for the criminal marketplace. RaidForums required cybercriminals to register anonymous accounts to sell and trade data using cryptocurrency on its site. At the time of its takedown, the site had more than 530,000 registered users, CNN reports.

For the better part of a decade, RaidForums has served as a giant repository for stolen data. Hackers have used it to buy and sell a wide range of information — everything from pilfered credit card numbers to routing numbers to stolen account credentials. Many companies that suffered data breaches over the years would ultimately find their sites’ contents spilled across RaidForums for various prices.

“This is another example of how working with our international law enforcement partners has resulted in the shutdown of a criminal marketplace and the arrest of its administrator,” Polite said.