RaidForums database of 480,000 cybercriminals leaked
![Image Europol Head of Operations discusses [dismantling of LockBit]](https://incyber.org//wp-content/uploads/2023/12/incyber-news-water-cybersecurite-cybersecurity-885x690.jpg)
The online archive exposes the personal data of users of this database reselling platform, which was closed down a year ago
On a stolen database sharing platform, a cybercriminal recently posted an archive concerning RaidForums, a similar online forum. At the time of its closure by the U.S. justice system in April 2022, RaidForums was the largest darkweb site dedicated to security breaches and database reselling.
The leak has been available since May 31, 2023 on Exposed, an emerging cybercrime platform that aims to take over from RaidForums. In particular, it uses the same graphic charter. Shortly after RaidForums’ closure, another similar platform, BreachForums, was launched with some success. In March 2023, it was dismantled by the American justice system.
In fact, the publication of this archive boosted Exposed’s profile, tripling its number of daily connections. As access to the databases is subject to a fee, the leak also made money for the cybercriminal platform.
The database itself contains the personal information of some 480,000 RaidForums users, registered between March 2015 and September 2020. It includes usernames, e-mails, and password hashes. The archive also included their IP addresses, but a file copy error limited this information to 67,500 accounts.
Since law enforcement agencies seized RaidForums’ servers when it was dismantled, they probably already had all this information. This database will therefore be of particular interest to cybersecurity researchers, or cybercriminals wishing to hack their « colleagues ».