Upstart crime site woos Raid Forums orphans

Upstart crime site woos Raid Forums orphans

Breach Forums launches as alternative to mysteriously torpedoed illicit cyber crime community.

Credit: Dreamstime

A new crime site for hackers is positioning itself as an alternative to Raid Forums, a popular watering hole for threat actors before it was mysteriously taken down in February.

The new site, Breach Forums, was launched by an old Raid Forum hand who goes by the handle "pompompurin," according to a blog post this week by Flashpoint, a threat intelligence company. In the welcoming thread to the forum, pompompurin stated that the new hacker community was being created as an alternative to Raid Forums.

“If RaidForums does ever return in any official capacity,” pompompurin wrote, “this forum will be closed and this domain will redirect to it.”

With a little more than 1,500 members, Breach Forums has a long way to go before it reaches the 748,348 members Raid Forums had before its demise.

A market for a forum to buy and sell stolen credentials

Raid Forums was a mid-tier English-language hacking forum that attracted a wide international audience of threat actors, Flashpoint explained. The forum was one of the most popular illicit online forums on the public internet and was notorious for its high-profile database leaks and offerings. Breach Forums aims to fill the vacuum in the fraud community created by the closure of Raid.

Breach Forums is on its way to replacing Raid Forums, observes Dan Piazza, technical product manager for Netwrix, an IT security software company. "However," he adds, "there are also dark web alternatives that previous Raid Forums users may flock to instead. Only time will tell," he says, "but there's clearly a market for a surface web forum where credential breaches can be bought and sold."

"At least a chunk of the activity and function of Raid Forums will make its way to Breach Forums," adds Casey Ellis, CEO and founder of Bugcrowd, which operates a crowdsourced bug bounty platform. “I wouldn’t be surprised if the starting from scratch aspect of that shift will result in some new and novel ways to use this type of community."

Single enforcement event not likely to have significant impact on cyber crime

Piazza downplayed the impact that the rise of a Raid Forums proxy will have on security professionals. "I personally don't think this will have much impact on security professionals," he says. "Raid Forums wasn't the only site offering this kind of community—especially when you consider the dark web and private discussion groups in chat software like IRC."

"I am not sure much really changes," added John Bambenek, principle threat hunter at Netenrich, an IT and digital security operations company. 

"On the internet, crime still pays, so until takedowns—and more importantly, arrests—radically increase, there isn’t much incentive against criminals remaining criminals. Much like a seizure of a large cache of drugs and guns, "no single enforcement event has a long-term significant impact on crime."

ESET Distinguished Researcher Aryeh Goretsky, though, maintains that monitoring criminal ecosystems can be tricky. "It requires not just time and patience, but specialised skill sets, temperaments and knowledge about the participants and their behaviours, interests, and activities," he says. "Having to restart learning, of course, can be difficult in a new and unknown environment."

Ellis adds that the main challenge for security professionals posed by the demise of Raid Forums is its disruption to breach and threat intelligence sources. 

"In some ways, having a stable criminal community, which can be observed or infiltrated by benevolent researchers, is as valuable a defensive asset as it is useful for the bad guys," he says. "When a source gets burnt like that, the ability to glean intelligence gets burnt as well."

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cyber security


EDGE 2024

Register your interest now for EDGE 2024!



How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments