Raidforums.com is one of the largest clearnet hacking forums. It offers stolen databases, login credentials, adult content, and hacking tools for free download.
The official domain of the infamous cybercrime marketplace and hacking forum Raidforums.com has been allegedly seized by unknown authorities.
For your information, Raidforums.com is one of the largest clearnet hacking forums. It offers stolen databases, login credentials, adult content, and hacking tools for free download.
For instance, LinkedIn’s scraped databases containing billions of user records were leaked on Raidforums.com. Facebook’s 500 million scraped users database from 106 countries was also leaked on the same forum for free.
Some hackers sell databases depending on the value of the targeted company. However, the forum’s popularity was merely for leaking and downloading stolen databases for free.
Message from Raidforums’ admin “Jaw”
Although the situation is unclear at the time of writing, chat screenshots obtained by Hackread.com from the official Telegram group of Raidforums.com reveal its apparent demise.
One of the chat screenshots shows Raidforums’s administrator going by the online handle of “Jaw” issuing the following statement:
The raidforums.com domain has been seized. I encourage anybody that attempted logging in to change your passwords and clear any logs you have. The new domain will be rf.to for anybody interested in staying.
Initially, those visiting Raidforums.com earlier today were automatically logged out from the forum and redirected to its login page. However, at the time of publishing this article, the domain was displaying a Cloudflare error. A full preview of administrator Jaw’s statement is available below:
On the other hand, an active Raidforum.com user going by the online handle of “Pompompurin” and the Twitter handle of @Seds has also tweeted about the incident.
Raidforums and connectivity issues
Raidforums.com was having connectivity issues since the beginning of 2022. On January 30th, 2022, the forum went offline and only came back online on February 12th, 2022 raising concerns if the forum has been infiltrated by law enforcement.
Nevertheless, there was no explanation from the forum’s owner who goes by the online handle of “Omnipotent. Nevertheless, it is unclear if this incident is linked with the seizure of Raidforums.com
#Raidforums is now back online after remaining offline for almost a week. However its moderators claim to be unaware of what exactly happened, while its owner #Omnipotent was last online on January 30th, 2022 according to their account status. pic.twitter.com/JsjVmWXrDJ
— Waqas (@WAK4S) February 12, 2022
Who could be behind this?
As stated earlier, it is unclear which authority is behind this incident however lately European and Russian authorities have been quite active in seizing hacking and cybercrime forums. On January 18, 2022, Europol took down the VPN service VPNLab used by ransomware operators.
On October 5, 2021, European law enforcement busted a ransomware gang in Ukraine that was behind attacks on more than 100 companies across the globe. On June 30th, 2021, authorities managed to seize the web domains, customer logs, and server infrastructure of a double-encryption service for cybercriminals called DoubleVPN.
On January 15th, 2022, Russia’s top agency FSB (Federal Security Service) not only dismantled the infrastructure of the REvil ransomware gang but also arrested 14 suspects.
On January 24th, 2022, Russian authorities managed to arrest 4 members of the infamous Infraud Organization hacking group. The organization was labeled as the dark web’s largest cybercrime group after being indicted for stealing $530 million in different scams.
On February 8th, 2022, Russian police seized 4 more cybercrime domains including Trump Dumps, Ferum, SkyFraud carding forum, and UAS (Ultimate Anonymity Services), an RDP shop.
Stay tuned, this article will be updated with additional information.