“Operation Tourniquet”
Raid Forums: Biggest hacker forum in the world taken down – the founder was 14 years old
The Raid Forums were popular in the scene for trading in user and access data
© FangXiaNuo / Getty Images
If you want to buy stolen data on the Internet, you just have to know where to look for it. One of the most popular contact points has now been taken offline. The 500,000-strong Raid Forums were a teenager’s project.
Imagine there was a burglar club. There, criminal experts exchange views on the best way to get into houses, offer data on residents and their belongings, and even trade keys to private homes and company headquarters. Something like this has long existed in digital form – in the form of secret hacker forums. One of the largest has now been taken down by international law enforcement.
This was announced by the FBI and Europol last night. The website called “Raid Forums” was confiscated along with two alternative sites. According to the police, it was “one of the largest hacker forums in the world”. The more than half a million active users traded there with stolen user data records, access data and the like. The FBI, the BKA, Europol and authorities from Sweden, Great Britain, Portugal and Romania were involved in the joint action.
criminal teenager
In addition to confiscating the site, authorities also reported the arrest of three suspects. The main accused is the site operator Diego C. aka “Omnipotent”. According to the indictment, the 21-year-old Portuguese is said to have founded the forum in 2015 – at the age of only 14. He is said to have traded data himself, but also organized deals for third parties for a fee. This is said to have raised significant sums.
According to security expert Brian Krebs, the officials found out when C. entered the USA in 2018 and his laptop was searched in a routine examination. When he contacted the FBI to get him back, he reportedly used an email address that was also used to set up the alternative sites Raid.lol and rf.ws. In further investigations, the officials are said to have secured further evidence against him, he is accused of six counts such as money laundering and identity theft.
Important contact point
The Raid Forums were seen as a highly attractive place for hackers to sell stolen data, get information and exchange tips for bridging. Because access data to company servers were sold there in addition to extensive databases on ordinary people, they were also a contact point for hackers who earned their money by taking over company networks and extorting ransom money. A special feature was the language. While most hacker forums target Russian users, Raid Forums’ main language was English. In fact, the forum even threatened to kick out all Russian users after the Russian attack on Ukraine.
When C. founded the forum, it was initially not aimed at hackers. As the name suggests, so-called “raids” were planned there, in which a group of people meet to attack and harass online communities. “Swatting” was also popular. This is the term used to describe attempts to have the police storm someone else’s house by pretending to be hostages or something similar. However, over the years, illegal trading of data and hacking tips became the main focus.
The scene and experts had suspected for a few weeks that the forum had been hijacked by security forces. In fact, the FBI had already confiscated the site on January 31st. Because the forums were no longer accessible in February and only allowed the entry of user data, some in the scene suspected that it could be a trap even before the confiscation was announced. You should be right.
Sources: US Department of Justice indictment, Cancer on Security