RaidForums leak, exposing 470K+ users, confirmed


RaidForums, a now-defunct website for exchanging leaked data, had its users exposed. Cybernews confirmed the validity of the data.

The administrator of a recently launched cybercriminal website posted a database containing details of former members of RaidForums, a now-defunct website that the new kid on the leak distribution block is trying to emulate.

Ironically, the leaked database includes the type of information RaidForums users would buy and sell themselves, such as usernames, passwords, and email addresses.

Cybernews researchers have investigated the supposed leak and confirmed the exposed data is valid. However, it’s unclear when the data was taken from the RaidForums, but, likely, the exposed database doesn’t contain the most recent information from the cybercriminal website.

You can check if your account was exposed in the RaidForum leak using our Personal Data Leak Checker.

What RaidForum data leaked?

The exposed database includes:

  • Unique user identifiers
  • Usernames chosen by the users
  • Account passwords
  • Cryptographic salt values
  • Login keys
  • User email addresses
  • Number of posts users made
  • Number of threads started by users
  • User activity data
  • Google, Skype, and other data

“All of the users that were on raidforums may have been infected,” the post’s author says.

“Ladies and gentlemen, I regret to inform you the Journalists are coming!” said another user, commenting on the ad for the RaidForums database.

RaidForums
Post on the cybercriminal website. Image by Cybernews.

What is RaidForums?

RaidForums was suspended early in October 2021, with the US Department of Justice (DoJ) confirming the seizure in April 2022.

Some of the RaidForums admins later launched a substitute named BreachedForums. The latter was shut down in late March 2023 after the feds arrested suspected cybercrime marketplace administrator Conor Brian Fitzpatrick, known as Pompompurin.

Cybercriminals used BreachForums to exchange data stolen from businesses and other organizations. For example, data stolen from a medical insurance company DC Health Link, including sensitive information on US House and Senate members, was posted on the website.

Several substitutes for BreachedForums cropped up after it was shut down, with Exposed Forum trying to establish itself as one of the successors of the infamous cybercriminal website.

The wave of new cybercrime forums pushed some in the cybercrime community to worry that at least a few candidates to take over where Pompompurin left off have been set up by the authorities to trick criminals into revealing themselves.


More from Cybernews:

Reclaiming privacy: the Cap_able way

NVIDIA announces AI supercomputer

ChatGPT-based program nails Minecraft

Twitter leaves EU’s voluntary pact against disinformation

Wildfires cause internet outage in Canada

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked