Leaked RaidForums Database Exposes Hacker Identities
The Rise and Fall of RaidForums
A significant breach has occurred as the database of the notorious RaidForums hacking forums has been leaked online. This breach offers a rare glimpse into the individuals who frequented the forum, shedding light on their activities for both threat actors and security researchers.
RaidForums gained notoriety as a popular hub for hackers and data leaks, notorious for hosting, distributing, and selling stolen data obtained from breached organizations. The threat actors who frequented the forum would exploit websites or exploit exposed database servers to pilfer customer information. Subsequently, they attempted to sell this data to other threat actors who utilized it for various malicious campaigns, including phishing attacks, cryptocurrency scams, and malware distribution.
In some instances, if the stolen data remained unsold or a considerable amount of time had passed, it would be leaked freely on RaidForums as a means to establish a reputation within the community.
In April 2022, an international law enforcement operation resulted in the seizure of the RaidForums website and infrastructure. The site’s administrator, Omnipotent, and two accomplices were arrested, effectively dismantling the platform.
Following the closure of RaidForums, users migrated to a new forum called Breached to continue their illicit activities. However, Breached met a similar fate when its founder and owner, Pompompurin, was apprehended by the FBI in March 2023. Concerns arose among the site’s remaining administrators that law enforcement agencies might have gained access to their servers, prompting the shutdown of Breached.
See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses
The Leaked RaidForums Database Exposes Dark Secrets of Underground Community
Filling the void left by Breached, a new forum called ‘Exposed’ emerged earlier this month, rapidly gaining popularity among the underground community. Today, ‘Impotent,’ one of the site’s administrators, leaked the RaidForums member database, exposing a vast amount of information to other threat actors, researchers, and potentially law enforcement agencies.
Forum post leaking the RaidForums member database
Source: BleepingCompute
BleepingComputer has obtained and analyzed the leaked data, which consists of a single SQL file containing the ‘mybb_users’ table. This table stores registration information used by RaidForums’ forum software, encompassing details such as usernames, email addresses, hashed passwords, registration dates, and various other information associated with the forum software.
The leaked table encompasses registration information for 478,870 RaidForums members who joined between March 20th, 2015, and September 24th, 2020, indicating the time frame during which the database was likely dumped. Impotent has stated that certain RaidForums members have been removed from the leaked database, and the origin and timing of the original dump remain unknown.
BleepingComputer has independently verified the accuracy of the leaked information, confirming that numerous accounts in the database align with known registration details. Furthermore, members of the Exposed forum have attested to the presence of their information within the MySQL table, solidifying the legitimacy of the leaked data.
Trending: Recon Tool: Sniffer
Although it is plausible that law enforcement authorities already possess the database following the seizure of RaidForums, this leaked data could still prove valuable to security researchers. By examining the registration information, researchers can gain insights into the threat actors involved and potentially establish connections to other malicious activities, contributing to a more comprehensive understanding of the cyber threat landscape.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]
Source: bleepingcomputer.com