One of the World's Largest Hacker Forums (RaidForums) Gets Raided, Administrator and Owner Arrested

Post a Comment


RaidForums Seized

According to the US Department of Justice, one of the world's largest marketplaces for stolen data has been confiscated, and an administrator has been arrested (DOJ).

The US Department of Justice (DOJ) said today that it had seized RaidForums' website and user database, an enormously popular English-language cybercrime forum that has offered access to more than 10 billion customer records stolen in some of the world's largest data breaches since 2015. The accused administrator of RaidForums, Diogo Santos Coelho, 21, of Portugal, was also charged by the DOJ with six criminal offenses, including conspiracy, access device fraud, and aggravated identity theft.

Diogo Santos Coelho

Coelho is now 21, according to the US Department of Justice, which implies he was only 14 when he founded RaidForums in 2015.

"," "," and "Raid.Lol" are the three domains that host RaidForums.

RaidForums, according to Europol, had over 500,000 subscribers and was "considered one of the world's largest hacking forums."

Coelho and his forum administrator alias "Omnipotent" are accused of profiting from the platform's illegal behavior by charging "escalating rates for membership levels that promised greater access and privileges, including a top-tier 'God' membership rank," according to the authorities.


"RaidForums also sold 'credits,' which permitted members to 'unlock' and download stolen bank information, methods of identification, and data from infiltrated databases, among other items," the DOJ stated in a written statement. "Other ways for members to gain credits include publishing directions on how to perform specific unlawful crimes."

On February 27th, 2022,'s DNS servers were abruptly changed to the following servers:

Researchers concluded that the domain was seized because these DNS servers had previously been used with other sites seized by law authorities, such as and

The site became well-known in recent years, and it was commonly used by ransomware gangs and data extortionists to leak data as a means of pressuring victims into paying a ransom. It was formerly utilized by the Babuk ransomware gang and the Lapsus$ extortion group.


RaidForums had a humble beginning before becoming the hackers' favorite place to sell stolen data. It was used for organizing various types of electronic harassment, including swatting targets (false reports that result in armed law enforcement intervention) and "raiding," which the Department of Justice defines as "posting or sending an overwhelming volume of contact to a victim's online communications medium."

Coelho was arrested in the United Kingdom on January 31 at the request of the US and is in custody pending the outcome of his extradition case, according to the DOJ.

The takedown of RaidForums was the product of "Operation Tourniquet," a joint investigation by the NCA, the US, Europol, and four other nations that led in "a number of associated arrests," according to a statement from the UK's National Crime Agency (NCA).

The indictment against Coelho can be viewed here (PDF). 

Keyword: RaidForums, RaidForums Seized, Administrator RaidForums Arrested, Owner RaidForums Arrested, Hacker Forum Seized, Diogo Santos Coelho arrested, RaidForums FBI

Related Posts

Post a Comment