A database containing details of nearly half a million RedForum users has been leaked online, a year after the notorious cybercrime forum was seized by the US Department of Justice.
The leaked database was posted on Exposed It has been told As an up-and-coming forum by security researchers “wanting to fill the void” left by the recent BreachForum shutdown. An exposed admin, known only as “the impostor”, posted alleged Redforum user data, which includes details of 478,000 users, including their usernames, email addresses, hashed passwords and registration dates.
The admin’s post says, “All users on RedForum may be infected.” At the close of last year, RedForums had approximately 550,000 users.
The admin said that details of some users have been removed from the leak, though it is not clear how many or the rationale behind this.
The data exposed following RedForum’s seizure by US authorities is likely already in the hands of law enforcement, but could help security researchers investigate the forum’s historical activity.
RadForums, which started in 2015, has grown to become one of the largest hacking forums in the world. It was mainly used by cyber criminals to buy and sell stolen databases. This included more than a million passwords for cryptocurrency wallet service GateHub and millions of stolen T-Mobile customer accounts. The Lapsus$ hacking group reportedly also used the hacking forum.
The US Department of Justice announced that it had seized RadForum’s website and infrastructure in April 2022 as part of an international law enforcement operation. The administrator of Redforum, known as “Almighty”, and two of his accomplices were also arrested. Prosecutors said that prior to the Forum’s seizure, hundreds of databases of stolen data containing more than 10 billion unique records for individuals were offered for sale.
US law enforcement agencies also recently announced that they had arrested a man accused of being “Pompompurin”, the administrator of the infamous BreachForum, which came about after the demise of RedForum and served the same purpose and audience.
A few days after the arrest, the new administrator of the cybercrime website announced that they were shutting down the forum forever.