Diogo Santos Coelho, aka Omnipotent (21) of Portugal was arrested in the United Kingdom on January 31st, 2022, and is accused of running RaidForums, a popular marketplace for cybercriminals to buy and sell hacked data.
The U.S. Department of Justice (DOJ) has announced the arrest of the “founder and chief administrator” of RaidForums, a popular marketplace for cybercriminals to leak, buy and sell hacked/stolen databases. The forum also leaked social security numbers (SSN), banking data including credit/debit card numbers, bank routing, account numbers, and login credentials.
Diogo Santos Coelho, aka Omnipotent (21) of Portugal was arrested in the United Kingdom on January 31st, 2022 at the request of the United States, while the process of his extradition to the States is in process, Hackread.com has learned.
For your information, Raidforums.com is one of the largest clearnet hacking forums. For instance, LinkedIn’s scraped databases containing billions of user records were leaked on Raidforums.com. Facebook’s 500 million scraped users database from 106 countries was also leaked on the same forum for free.
Some hackers sold databases depending on the value of the targeted company. However, the forum’s popularity was merely for leaking and downloading stolen databases for free.
RaidForums.com Displays Seizure Notice
Raidforums.com was having connectivity issues since the beginning of 2022. On January 30th, 2022, the forum went offline and only came back online on February 12th, 2022 raising concerns if the forum had been infiltrated by law enforcement.
On February 25th, 2022, in an exclusive report, Hackread.com reported about the seizure of RaidForums’ domain, however, at that time, the forum only displayed a login page (apparently) sniffing login credentials of users.
Now, Raidforums.com’s homepage along with its backup domains Rf.ws and Raid.lol have been seized and displays the “This Domain Has Been Seized” notice uploaded by the Federal Bureau of Investigation (FBI).
The notice also reveals that the seizure of RaidForums.com was possible after international collaboration between the FBI, Europol, the National Crime Agency (NCA) of the United Kingdom, the Swedish Police Authority, Romanian National Police, the IRS, and other internal law enforcement partners.
Operation Tourniquet
In a separate arrest linked to RaidForums, the National Crime Agency (NCA) of the United Kingdom also arrested a 21-year-old suspect from Croydon, London in March 2022. The agency also seized £5,000 ($6500) in cash, thousands in US dollars, and put a freeze on crypto assets worth more than half a million dollars.
According to NCA’s press release, the operation against RaidForums was dubbed Operation Tourniquet in which several other arrests have also been made by authorities.
Charges Against Diogo Santos Coelho
The US Justice Department’s press release published Tuesday, April 12, 2022, revealed a six-count indictment against Coelho in the Eastern District of Virginia; charging him with conspiracy, access device fraud, and aggravated identify theft in connection with his role as the chief administrator of RaidForums.
According to the indictment, between Jan. 1, 2015, and on or about Jan. 31, 2022, Coelho allegedly controlled and served as the chief administrator of RaidForums, which he operated with the help of other website administrators.
“RaidForums had developed into one of the largest hacking forums online where hacking tips and stolen data were frequently exchanged. “Data from some of the most high profile hacking incidents in recent years could be located on the site and often the victims – real people, found themselves vulnerable to further crime like fraud.”
NCA
New RaidForums is Already Online
Although taking down of RaidForums is an achievement for the law enforcement authorities on a global level, the new RaidForums has been online since early March 2022. Named Breached Forums, the platform was launched by an active Raidforum.com user and prominent hacker going by the online handle of “Pompompurin.”
BreachedForums is the exact copy of Raidforums following the same Modus Operandi as its predecessor forum. One can buy, sell and download databases for free along with offering malicious services to the public.
Nevertheless, the end of RaidForums comes as a blow to hackers and the cybercrime community around the world. At the time of publishing this article, RaidForums was displaying the seizure notice uploaded by the FBI.