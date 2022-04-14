A 21-year-old Portuguese man who used the codenames “Omnipotent” and “Kevin Maradona” is accused of being the chief administrator of the website “RaidForums”, one of the largest hacking forums in the world.

The page, which sold billions of company data, was taken down on Tuesday, according to the US Department of Justice and the FBI.

Diogo Santos Coelho was arrested on January 31, in England, and is awaiting extradition to the United States, where he is accused of conspiracy, access device fraud and identity theft, compounded in connection with his role as chief administrator.

When he was arrested, officers seized £5,000 and thousands of dollars, and froze more than $500,000 in cryptographic assets, the National Crime Agency reported. (NCA) of the United Kingdom.

In addition to Diogo, two other people named as administrators of the portal were arrested. Details of the arrest and identities were not released.

Both the arrests and the takedown of the site were the result of a roughly year-long investigation that sparked Operation Tourniquet. The action brought together different law enforcement agencies in the United States and Europe, including the FBI, the US Secret Service, the police in Portugal and the NCA.

2 of 3 Website that sold billions of data was taken down after international operation — Photo: Disclosure / Europol Website that sold billions of data was taken down after international operation – Photo: Disclosure / Europol

When was the site created?

The investigation pointed out that the platform was launched in 2015. The site had over 500,000 members and was hosted on a server located outside the United States.

During those years, it served as a popular marketplace for people to buy and sell hacked or stolen databases with third-party personal information.

Among the data sold were bank account numbers and passwords, credit card information, login credentials and social security numbers.

The most common passwords in data breaches in Brazil in 2021

Mega data leaks expose information from 223 million CPF numbers

How did the scheme work?

According to the indictment against Diogo Santos Coelho, which was opened in the Eastern District of Virginia in March, anyone could access RaidForums without being a member. However, you had to subscribe to a paid plan to order items for sale or purchase.

Four tiers were offered: free plan, VP membership, MVP member, and God member.

The more expensive the subscription plan, the more features were available to the user. The “God” plan, for example, offered almost unlimited access to the RaidForums website and resources.

3 of 3 Europol — Photo: Reuters Europol — Photo: Reuters

The NCA also found that the forum operated a membership scheme where users of the site paid up to 10 euros (R$50) to open chat rooms that allowed the exchange of links, photographs and data linked to cybercrime.

The investigation also pointed out that there were pages for specific subjects, such as lists of leaked credit cards with expiration dates and verification codes.

According to the indictment, Coelho served as the site’s chief administrator between January 1, 2015 and January 31, 2022. This operation was carried out with the help of other administrators.

In addition to “Omnipotent” and “Kevin Maradona”, he often used the aliases “Shiza” and “Downloading”.

The investigation says that Coelho and the other “partners” designed and managed the platform’s software and computer infrastructure.

In addition, the Portuguese would have personally sold stolen data on the platform and directly facilitated illicit transactions.

The head of Europol’s European Cyber ​​Crime Center, Edvardas Šileris, stated on the European Police Service (Europol) website that the police agency will continue to work with international partners.

“Disruption has always been a key technique in operating against online threat actors, so targeting forums that host large amounts of stolen data keeps criminals on their toes. Europol will continue with its international partners to make cybercrime more difficult to target. commit”.