RaidForums

RaidForums
	Domain seizure notice on raidforums.com
Type of site	Internet forum
Available in	English
Dissolved	April 12, 2022;2 years ago
Successor(s)	BreachForums
Country of origin	United Kingdom
Founder(s)	Diogo Santos Coelho, also known by his screen name "Omnipotent"
URL	rf.to
Advertising	Yes
Commercial	Yes
Registration	Optional
Users	530,000 at time of shutdown
Launched	2015;10 years ago
Current status	Seized by the United States FBI

Last updated January 18, 2025

RaidForums was an English-language black hat hacking internet forum founded in 2015. The website facilitated the discussion of a variety of hacking topics and was a notable distributor of various data breaches, hacking tools, and pornography until its closure and seizure by law enforcement authorities in 2022.^[1] The website was monetized via advertisements and through a tiered membership program where members with higher tiers would receive elevated access to the forum and its contents.^[2]^[3]

History

RaidForums began in 2015 as a platform for Twitch raiders.^[4]

Domain seizure

The domain and its contents were seized by the Federal Bureau of Investigation on April 12, 2022 after a month of downtime, in collaboration with the United States Secret Service, the United States Department of Justice, and a variety of other national and international law enforcement agencies.^[1]

Administration

The website was allegedly founded by a 21-year old Portuguese national, Diogo Santos Coelho under the screen name "Omnipotent", who was arrested on January 31, 2022 in the United Kingdom.^[5] His arrest occurred pending several years of investigation after several of his devices were searched under warrant at the Hartsfield-Jackson International Airport in June 2018, suggesting he was the owner and primary administrator "Omnipotent". According to hackread.com, an administrator under screen name "Jaw" & "souls" announced the seizure officially on the forum's public Telegram channel, and redirected subscribers of the channel to RaidForums' backup domain rf.to,^[2] which however went offline (and has remained offline for months) after this statement, only becoming reachable again after Diogo Santos Coelho's release on bail^[6]^[7] in August 2022.

Impact

At the time of its closure in 2022, the forum had over 530,000 registered users and was one of the most prolific and easily accessible clearnet illicit hacking forums.^[2]

Related Research Articles

InfraGard is a national non-profit organization serving as a public-private partnership between U.S. businesses and the Federal Bureau of Investigation. The organization is an information sharing and analysis effort serving the interests, and combining the knowledge base of, a wide range of private sector and government members. InfraGard is an association of individuals that facilitates information sharing and intelligence between businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to preventing hostile acts against the United States.

Kim Dotcom, also known as Kimble and Kim Tim Jim Vestor, is a Finnish-German Internet entrepreneur and political activist who lives in Glenorchy, New Zealand.

The Pirate Bay, commonly abbreviated as TPB, is a freely searchable online index of movies, music, video games, pornography and software. Founded in 2003 by Swedish think tank Piratbyrån, The Pirate Bay facilitates the connection among users of the peer-to-peer torrent protocol, which are able to contribute to the site through the addition of magnet links. The Pirate Bay has consistently ranked as one of the most visited torrent websites in the world.

Megaupload Ltd was a Hong Kong–based online company established in 2005 that operated from 2005 to 2012 providing online services related to file storage and viewing.

Anonymous is a decentralized international activist and hacktivist collective and movement primarily known for its various cyberattacks against several governments, government institutions and government agencies, corporations and the Church of Scientology.

LulzSec is a grey hat computer hacking group that claimed responsibility for several high profile attacks, including the compromise of user accounts from PlayStation Network in 2011. The group also claimed responsibility for taking the CIA website offline. Some security professionals have commented that LulzSec has drawn attention to insecure systems and the dangers of password reuse. It has gained attention due to its high profile targets and the sarcastic messages it has posted in the aftermath of its attacks. One of the founders of LulzSec was computer security specialist Hector Monsegur, who used the online moniker Sabu. He later helped law enforcement track down other members of the organization as part of a plea deal. At least four associates of LulzSec were arrested in March 2012 as part of this investigation. Prior, British authorities had announced the arrests of two teenagers they alleged were LulzSec members, going by the pseudonyms T-flow and Topiary.

<span class="mw-page-title-main">KickassTorrents</span> Defunct file-sharing website

KickassTorrents was a website that provided a directory for torrent files and magnet links to facilitate peer-to-peer file sharing using the BitTorrent protocol. It was founded in 2008 and by November 2014, KAT became the most visited BitTorrent directory in the world, overtaking The Pirate Bay, according to the site's Alexa ranking. KAT went offline on 20 July 2016 when the domain was seized by the U.S. government. The site's proxy servers were shut down by its staff at the same time.

Lizard Squad was a black hat hacking group, mainly known for their claims of distributed denial-of-service (DDoS) attacks primarily to disrupt gaming-related services.

BTC-e was a cryptocurrency trading platform primarily serving the Russian market, with servers located in the United States. The U.S. government seized their website and funds in 2017. It was founded in July 2011 by Alexander Vinnik and Aleksandr Bilyuchenko, and as of February 2015 handled around 3% of all Bitcoin exchange volume. The platform was eventually taken over by Russian Orthodox oligarch Konstantin Malofeev, and funds from BTC-e were used for the war in Donbass, under the control of the FSB.

<span class="mw-page-title-main">AlphaBay</span> Defunct darknet marketplace

AlphaBay was a darknet market operating at different times between September 2014 and February 2023. At times, it was both an onion service on the Tor network and an I2P node on I2P. After it was shut down in July 2017 following law enforcement action in the United States, Canada, and Thailand as part of Operation Bayonet, it was relaunched in August 2021 by the self-described co-founder and security administrator DeSnake. The alleged original founder, Alexandre Cazes, a Canadian citizen born on 19 October 1991, was found dead in his cell in Thailand several days after his arrest, with police suspecting suicide.

A darknet market is a commercial website on the dark web that operates via darknets such as Tor and I2P. They function primarily as black markets, selling or brokering transactions involving drugs, cyber-arms, weapons, counterfeit currency, stolen credit card details, forged documents, unlicensed pharmaceuticals, steroids, and other illicit goods as well as the sale of legal products. In December 2014, a study by Gareth Owen from the University of Portsmouth suggested the second most popular sites on Tor were darknet markets.

dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.

Operation Shrouded Horizon was an 18-month international law enforcement investigation culminating in the July 2015 seizure of Darkode, an online cybercrime forum and black market, and the arrest of several of its members. The case involved law enforcement agencies from 20 countries, led by the United States Federal Bureau of Investigation (FBI) with the assistance of Europol, in what the FBI called "the largest-ever coordinated law enforcement effort directed at an online cyber criminal forum".

<span class="mw-page-title-main">Carding (fraud)</span> Crime involving the trafficking of credit card data

Carding is a term of the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

Hack Forums is an Internet forum dedicated to discussions related to hacker culture and computer security. The website ranks as the number one website in the "Hacking" category in terms of web-traffic by the analysis company Alexa Internet. The website has been widely reported as facilitating online criminal activity, such as the case of Zachary Shames, who was arrested for selling keylogging software on Hack Forums in 2013 which was used to steal personal information.

Maia arson crimew is a Swiss developer and computer hacker. Crimew is known for leaking source code and other data from companies such as Intel and Nissan, and for discovering a 2019 copy of the United States government's No Fly List on an unsecured cloud server owned by CommuteAir. Crimew was also part of a group that hacked into Verkada in March 2021 and accessed more than 150,000 cameras. She is also the founding developer of the Lawnchair application launcher for Android.

Aubrey Cottle, also known as Kirtaner or Kirt, is a Canadian website forum administrator who claims to be an early member of the hacktivist group Anonymous. Cottle was involved with Anonymous during the late 2000s and in its resurgence beginning in 2020, in which the group attempted to combat the far-right conspiracy movement QAnon.

On November 13, 2021, a hacker named Conor Brian Fitzpatrick, going by his alias "Pompompurin", compromised the FBI's external email system, sending thousands of messages warning of a cyberattack by cybersecurity CEO Vinny Troia who was falsely suggested to have been identified as part of The Dark Overlord hacking group by the United States Department of Homeland Security.

Hydra was a Russian language dark web marketplace, founded in 2015, that facilitated trafficking of illegal drugs, financial services including cryptocurrency tumbling for money laundering, exchange services between cryptocurrency and Russian rubles, and the sale of falsified documents and hacking services. Hydra was shut down by American and German law enforcement action in April 2022, and its operator was sentenced to life in prison by a Russian court in December 2024.

BreachForums, sometimes referred to as Breached, is an English-language black hat–hacking crime forum. The website acted as an alternative and successor to RaidForums following its shutdown and seizure in 2022. Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributed data breaches, pornography, hacking tools, and various other services.

References

1 2 Krebs, Brian (April 12, 2022). "RaidForums Gets Raided, Alleged Admin Arrested". Archived from the original on April 18, 2022. Retrieved April 19, 2022.
1 2 3 "Hacking forum Raidforums.com allegedly seized by authorities". February 25, 2022. Archived from the original on April 25, 2022. Retrieved April 19, 2022.
↑ Lyngaas, Sean (April 12, 2022). "FBI and international partners seize control of popular hacking forum". CNN . Archived from the original on April 19, 2022. Retrieved April 19, 2022.
↑ "What It's Like to Run a Hacking Forum: A Conversation With RaidForums Owner Omnipotent". The Record by Recorded Future. January 13, 2021. Archived from the original on May 31, 2022. Retrieved June 12, 2022.
↑ "United States of America v. Diogo Santos Coelho". justice.gov. Archived from the original on August 30, 2022. Retrieved April 18, 2022.
↑ "RaidForums admin "Omni" granted conditional bail while U.K. considers U.S. extradition request". October 21, 2022. Archived from the original on October 21, 2022. Retrieved October 21, 2022.
↑ "RaidForums". Internet Archive Wayback Machine. October 21, 2022. Retrieved October 21, 2022.

External links

This website-related article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[:1-1] 1 2 Krebs, Brian (April 12, 2022). "RaidForums Gets Raided, Alleged Admin Arrested". Archived from the original on April 18, 2022. Retrieved April 19, 2022.

[:0-2] 1 2 3 "Hacking forum Raidforums.com allegedly seized by authorities". February 25, 2022. Archived from the original on April 25, 2022. Retrieved April 19, 2022.

[3] Lyngaas, Sean (April 12, 2022). "FBI and international partners seize control of popular hacking forum". CNN . Archived from the original on April 19, 2022. Retrieved April 19, 2022.

[4] "What It's Like to Run a Hacking Forum: A Conversation With RaidForums Owner Omnipotent". The Record by Recorded Future. January 13, 2021. Archived from the original on May 31, 2022. Retrieved June 12, 2022.

[5] "United States of America v. Diogo Santos Coelho". justice.gov. Archived from the original on August 30, 2022. Retrieved April 18, 2022.

[:6-6] "RaidForums admin "Omni" granted conditional bail while U.K. considers U.S. extradition request". October 21, 2022. Archived from the original on October 21, 2022. Retrieved October 21, 2022.

[:7-7] "RaidForums". Internet Archive Wayback Machine. October 21, 2022. Retrieved October 21, 2022.

[1]

[2]

[3]

[4]

[5]

[6]

[7]