More than 470,000 members of dark web hacking site RaidForums have had their data leaked by Exposed, another hacking forum.
Members of the forums would put the various data stolen during data breaches on the site, where it could be purchased by other members for use in other malicious activities, including phishing and social engineering campaigns and even identity theft.
In April 2022, the site shut down after its infrastructure and website were seized during an international law enforcement operation. The site then became BreachForums, a site notorious for launching a cyber attack against Australian healthcare and insurance provider Medibank and releasing and selling the personal and medical information of 9.7 million people stolen during the breach. BreachForums itself shut down in March of this year after its top admin was arrested by the FBI.
In May, a site similar to both RaidForums and BreachForums called Exposed was launched. Exposed currently functions in a similar way to both RaidForums and BreachForums – namely the release, selling and purchase of private data stolen in cyber attacks.
On May 29, one of the site’s admins who goes by the screen name ‘impotent’ made a post to the site saying that they had uploaded a database of RaidForums’ members. According to impotent, the data includes the usernames, hashed passwords, email addresses and registration dates for all members who registered between March 20, 2015, and September 24, 2020. The total number of members that registered in this period is 478,870.
Image source: BleepingComputer
Other data leaked includes relevant information regarding the forum’s software. According to cyber security news site BleepingComputer, the database contains known registration information for several accounts. Multiple Exposed users have also confirmed that their information is in the database.