Dutch Police is sending emails to former RaidForums members, asking them to delete stolen data and stop illegal cyber activities and warning that they are not anonymous.
RaidForums was a very popular and notorious hacking and data leak forum known for hosting, leaking, and selling stolen data obtained from breached organizations.
Threat actors who frequented the forum would hack into websites or access exposed database servers to steal customer information. The threat actors would then attempt to sell the data to other threat actors, who use it for their campaigns, such as phishing attacks, cryptocurrency scams, or distributing malware.
In many cases, if data was not sold or some time had passed, the stolen data would be leaked for free on RaidForums to gain reputation among the community.
In April 2022, the RaidForums website and infrastructure were seized in an international law enforcement operation, with the site’s administrator, Omnipotent, and two accomplices arrested.
Dutch police send warnings to RaidForums members
Yesterday, the Dutch National Police (Politie) announced that they sent thousands of emails, hundreds of letters, and conducted stop calls on RaidForums members to warn them that their actions are illegal and that they are being monitored by law enforcement.
These members were identified by analyzing the seized RaidForums forum database, which would have contained members’ email addresses, registration IP addresses, and the IP addresses used when posting and downloading files from the site.
This data can then be used to identify members, what country they are located in, and their involvement in the site.
Politie says that the analysis of this data has already led to the arrest of three people who extorted companies by threatening to leak stolen data if a ransom was not paid.
The sent emails were titled “Politiewaarschuwing aan Raidforums gebruikers,” which translates to “Police warning to Raidforums users.”
In a screenshot of the email shared with Tweakers.net, the Dutch Police asks RaidForums members to delete any stolen or traded data they downloaded, warning that “You are less anonymous online than you think.”
The machine-translated email can be read below in English:
“The Dutch Police and international police organizations have launched an investigation into the website Raidforums.com. This resulted in the police taking the website offline and obtaining a dataset containing the platform’s user data. As a result of this investigation, several people have been arrested (see QR code).
The investigation has shown that you are linked to a Raidforums user account and that you are active in groups where leaked data is traded. Possession of this is a criminal offence.The police are aware that Raidforums was used to trade leaked data such as pornographic material, personal data and/or account data. Raidforums were also used to gain knowledge for the development of cyber skills that are closely related to committing serious cybercrime crimes.
The Dutch Police urges you to stop participating in online activities, such as trading leaked data. You run the risk of breaking the law. Remove pirated software or datasets obtained from Raidforums or other similar sites. Participation in or further continuation of cybercriminal activities may lead to further action against YOU. Illegal activities conducted on Raidforums.com (or on similar websites) can lead to:
• Conviction: You will be fined, community service or imprisonment
• Criminal record: You will get a criminal record. This makes it more difficult to find an internship or a job, but it also makes traveling abroad more difficult.
• Confiscation: You lose your computer, phone or other electronic devices.
The police take firm action against cybercrime, in whatever form. You are less anonymous online than you think. Do you still choose to commit cybercrime? Then be aware of the consequences. Prevent the police from showing up at your door. Think about your future and don’t commit a cyber crime.”
Politie told BleepingComputer that in addition to sending emails and letters, the Dutch Police have been conducting “stop calls” with minors involved in RaidForums.
BleepingComputer was told that during these calls minors and their parents are provided with information about the possible consequences of cybercrime.
“Such a conversation is more effective than a letter for this target group,” Politie told BleepingComputer.
Many of the members of these data leak communities are minors who are enticed by the thrill of hacking into networks and websites and being able to share their activities with a community of like-minded peers.
In 2021, the Dutch Police made posts on Russian and English-speaking hacker forums, including RaidForums and XSS, warning that law enforcement is watching their activity.
The Dutch Police also created an outreach program called GameChangers to deter young people from getting involved in cybercrime and instead turning to a white hat career.
The UK National Crime Agency (NCA) has a similar program known as Cyber Choices that aims to prevent young people from getting involved in cybercrime.