Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Threat actors and security researchers now have access to a database for the notorious RaidForums hacking forums, giving them insight into the forum’s regulars.
RaidForums was a very popular hacking and data leak forum known for hosting, leaking, and selling data from breach organizations. Threat actors that visited the forum would access exposed database servers or hack into websites to steal customer data. The threat actors then tried to sell the data to other threat actors, who would use it for their malware distribution, phishing, and cryptocurrency scam efforts.
In an international law enforcement operation in April 2022, the RaidForums website and infrastructure were taken, and the site’s administrator, Omnipotent, and two collaborators were detained.
What We Know About the Leak
After the forum closed, its users flocked to a new forum called Breached to continue trading stolen databases. However, Breached was also shut down in March 2023, after its founder and owner, Pompompurin, was arrested by the FBI.
In an effort to fill the hole left by Breached’s shutdown, the forum Exposed was introduced earlier this month. It has since gained popularity. One of the site’s admins going by the name of “Impotent” leaked the RaidForums member database.
RaidForums Leaked Database Post (Source)
According to BleepingComputer, the leaked data consists of a single SQL file for the ‘mybb_users’ table used by RaidForums’ forum software to store registration information. This table includes the usernames, email addresses, hashed passwords, registration dates, and various other forum software-related details for the 478,870 RaidForums members who have registered.
Users who enrolled between March 20, 2015, and September 24, 2020, which is probably when the database was spilled, are included in the disclosed table as members.
According to Impotent, the leaker of the database, the information of some RaidForums members has been removed from the database. The information for many accounts in the database includes known registration information, according to BleepingComputer, which has corroborated this. Additionally, participants on the Exposed forum have attested that the MySQL table contains their personal data, demonstrating the validity of the leaked dataset.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
