Hacking forum hacked, user database leaked online

Oh dear, what a shame, never mind…

Hacking forum hacked, user database leaked online

RaidForums, the notorious hacking and data leak forum seized and shut down by the authorities back in April 2022, is – perhaps surprisingly – at the centre of another cybersecurity breach.

Because it seems the hacking site has been… err… hacked.

As Bleeping Computer explains, upon the demise of RaidForums many of its users jumped ship to a new hacking forum called BreachForums to trade their stolen data.

Sign up to our free newsletter.
Security news, advice, and tips.

However, in March this year the US Department of Justice announced that it had forced BreachForums offline, and arrested its alleged founder 20-year-old Conor Brian Fitzpatrick, aka “pompompurin.”

Once again, those who like to frequent criminal hacking forums realised that they had to find a new home. Some members of the site, no doubt, would have feared that the authorities might have been able to spy upon their communications and gather evidence of their various wrongdoings.

So, did they give up a life of cybercrime? Far from it! Many of them joined a new hacking forum called ExposeForums.

And it is this site which appears to have now leaked the user database of RaidForums – potentially providing law enforcement, security researchers, and – yes – other cybercriminals with a large amount of potentially sensitive information.

Raidforums leak

According to Bleeping Computer, the data includes details of 478,870 RaidForums members, “including their usernames, email addresses, hashed passwords, registration dates, and a variety of other information related to the forum software.”

Chances are that this information (and possibly more) has been in the hands of law enforcement investigators since RaidForums’ website was seized in April 2022, but there is no doubt that it would also be of interest to others.

It must be pretty nerve-wracking being a mamber of a hacking forum like RaidForums, BreachForums, ExposeForums… never quite knowing when your preferred cybercrime hangout is going to be seized by the cops, and what information they might be able to find out about you.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.