RaidForums Members data leak

In a stunning turn of events, a new hacking forum called ‘Exposed’ has brought the RaidForums hacking community back into the spotlight. Following the closure of RaidForums and its successor, Breached, this new platform has quickly gained popularity among cybercriminals. However, the launch of ‘Exposed’ has had consequences: one of its administrators, going by the pseudonym ‘Impotent,’ leaked the entire RaidForums member database. The leaked data contains sensitive information on 478,870 individuals. It includes usernames, email addresses, hashed passwords, registration dates, and other pertinent details related to the forum software.

RaidForums: A Hub of Hacking and Data Leaks

RaidForums was notorious for facilitating the trading, leaking, and selling of data stolen from organizations, and it attracted threat actors who exploited vulnerabilities in websites and exposed database servers to pilfer customer information. These unscrupulous actors would subsequently attempt to sell the stolen data to others for use in phishing attacks, cryptocurrency scams, and malware distribution. If left unsold, or after a certain period, the data would often be leaked for free on RaidForums to bolster the culprits’ reputations within the hacking community.

The RaidForums saga took a dramatic turn in April 2022, when international law enforcement agencies executed a coordinated operation to seize the website and its infrastructure. The forum’s administrator, known as Omnipotent, was apprehended along with two accomplices. The takedown dealt a significant blow to the underground hacking ecosystem, forcing users to seek refuge in alternative platforms like Breached. Breached’s demise in March 2023, triggered by the FBI’s arrest of its founder, Pompompurin, further exacerbated the cybercriminals’ predicament.

The Emergence of ‘Exposed’ and the Database Leak

As the void left by Breached needed to be filled, ‘Exposed’ emerged as a potential successor. However, its administrator’s decision to leak the RaidForums member database has created a ripple effect throughout the hacking community. The leaked SQL file, which primarily focuses on the ‘mybb_users’ table, provides an unprecedented glimpse into the inner workings of RaidForums. Registration information for nearly 480,000 members, spanning from March 20th, 2015, to September 24th, 2020, has been exposed. Usernames, email addresses, hashed passwords, and other pertinent data related to the forum software are now laid bare for anyone with access to the leaked file.

While the exact motivations behind the leak remain unclear, ‘Impotent’ confirmed that certain members have been intentionally removed from the database. The origin and timing of the original dump are also shrouded in mystery. BleepingComputer, a reputable cybersecurity publication, has independently verified the authenticity of the leaked data. Multiple users of the ‘Exposed’ forum have corroborated their presence in the MySQL table, leaving little doubt about the legitimacy of the information.

Implications and the Role of Security Researchers

Although it is highly likely that law enforcement agencies already possess the RaidForums member database following the forum’s seizure, this breach could still offer valuable insights to security researchers. By analyzing the leaked registration information, researchers can gain a deeper understanding of the threat actors involved and potentially establish connections to other malicious activities. Building profiles of these individuals allows researchers to enhance their knowledge of cybercriminal operations and contribute to the ongoing efforts to combat cyber threats.

It is crucial to note that the leak of the RaidForums member database raises concerns about individuals’ privacy and the potential misuse of their personal information. Affected individuals should remain vigilant, promptly change their passwords on other online platforms if they have reused them, and be cautious of phishing attempts or other suspicious activities targeting their email accounts.

RaidForums – Recap

This incident serves as a stark reminder of the persistent threats posed by hacking forums and the need for robust cybersecurity measures. Organizations must prioritize data protection, implement stringent security protocols, and regularly monitor their systems for any signs of compromise. Cybersecurity professionals and law enforcement agencies should collaborate to disrupt cybercriminal networks and hold threat actors accountable for their actions.