The U.S. Department of Justice (DOJ) announced this week that it had successfully seized the online marketplace known as RaidForums and brought criminal charges against its founder and chief administrator, Diogo Santos Coelho of Portugal.
Coelho was arrested in the U.K. back in January at U.S. request, where he remains in custody until the completion of extradition proceedings. Further, the DOJ unsealed court records showing that the United States has been authorized to seize three domains that hosted RaidForums: raidforums.com, Rf.ws, and Raid.lol.
The DOJ has alleged RaidForums’ role as a marketplace for cybercriminals to buy and sell stolen data from 2016 onward. Hacked databases with sensitive personal and financial information from the U.S. and abroad were said to be traded there, including bank routing and account numbers, credit card information, login credentials, and social security numbers. The DOJ believes more than 10 billion unique records were offered through the website.
“The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information,” Assistant Attorney General Kenneth Polite, Jr. of the Justice Department’s Criminal Division said. “This is another example of how working with our international law enforcement partners has resulted in the shutdown of a criminal marketplace and the arrest of its administrator.”
According to U.S. Attorney Jessica Aber for the Eastern District of Virginia, online anonymity was not able to protect Coelho from prosecution and should serve as a warning to other online criminals.
Even before the hacking allegations, RaidForums had negative associations online. It was founded in 2015 largely to organize and support forms of electronic harassment, including through raiding – overwhelming victims’ online communications – and swatting – a deadly practice that utilizes false reports to police to generate immediate, armed responses against individuals.
“The seizure of the RaidForums website – which facilitated the sale of stolen data from millions of people throughout the world – and the charges against the marketplace’s administrator are a testament to the strength of the FBI’s international partnerships,” Steven D’Antuono, Assistant Director in Charge of the FBI’s Washington Field Office, said. “Cybercrime transcends borders, which is why the FBI is committed to working with our partners to bring cybercriminals to justice – no matter where in the world they live or behind what device they try to hide.”
Coelho has been charged with six counts of conspiracy, access device fraud, and aggravated identity theft.
Actions taken against Coelho and RaidForums were the result of joint efforts from the FBI, U.S. Secret Service, Joint Cybercrime Action Taskforce (Europol), National Crime Agency (U.K.), Swedish Police Authority (Sweden), Romanian National Police (Romania), Judicial Police (Portugal), Internal Revenue Service Criminal Investigation, Federal Criminal Police Office (Germany) and other law enforcement partners.