On 4 June 2021, it was reported that RaidForums, a popular web-based forum, was blocked in Indonesia after a threat actor leaked the personal data of 1 million citizens. The threat actor claimed to have obtained personal data of 279 million Indonesians when making the original post on the website. He stated that he was willing to leak more information if paid for.
The blocking of RaidForums has caused uproar in the online community due to its popularity as a place to exchange ideas, share news, and discuss current events. However, this incident raises questions about protecting private data and cybersecurity issues in Indonesia and other countries with high population densities. In this article we will explore why RaidForums was blocked in Indonesia after this incident and how this could affect cybersecurity issues worldwide.
RaidForums is blocked in Indonesia after a threat actor leaked personal data of 1M citizens after claiming to have personal data of 279M Indonesians in a post (Catalin Cimpanu/The Record)
Raidforums is an online platform which allows people to share stolen or leaked data, or find vulnerabilities in software. It has been a popular destination for hackers and cybercriminals in recent years.
In October 2020, a threat actor posted on the forum claiming to have the sensitive personal data of 279 million Indonesians. This sparked a wave of panic in the country, resulting in the blocking of RaidForums in Indonesia.
In this article, we will look at the background of RaidForums and discuss how this incident occurred.
What is RaidForums?
RaidForums is an online discussion board established in 2016 as a platform for hackers to share information, discuss techniques and explore computer security.
The forum’s primary intended use is to provide a platform for members to engage in white hats hacking activities, such as pen-testing and ethical hacking. However, members also use it to discuss cybercrime topics, such as phishing, doxxing and other malicious activities. RaidForums welcomes constructive discussion about these topics, but does not condone or promote malicious activities or cybercrime.
Because of its focus on computer security topics, RaidForums has strict guidelines. All members are expected to respect the privacy of others and discouraged from posting any personal information which may violate privacy laws. Additionally, users must abide by the site’s terms of service, which prohibits posting malicious content or advertising counterfeit products. Finally, the forum has strict anti-spamming policies to keep forum conversations safe and secure.
RaidForums encourages users to participate in respectful debate and learn more about computer security while engaging with like minded peers.
What type of content is posted on RaidForums?
RaidForums is an online forum board where users can discuss and share content related to hacking, online security, programming, gaming, and many other topics. It has a wide range of categories and topics catering to its worldwide community’s unique interests.
The forum’s primary focus is on content related to computer security, including topics like technical support for operating systems and applications, hacking services, tutorials and research materials on various topics such as malware analysis, reverse engineering and programming. The board also houses DarkNet marketplaces, exploit databases, software cracks, online education platforms, leaked data dumps, security advice threads, digital currencies information about coding projects and game modding. Additionally, RaidForums offers interactive elements such as Chat rooms for discussing cryptocurrencies up to advanced troubleshooting. It offers a wide range of tools for users with different interests.
Furthermore to keep members safe from malicious activities or trolling some moderators monitor the boards’ activity within each category – for instance financial discussion forums may define specific terms like Ponzi schemes that must be mentioned when exchanging money-related topics – There is also extensive use of anti-spam AI bots which scan posts to safeguard from malicious links or spammers who are looking only to gain attention. So in summary, RaidForums includes many categories covering both general topics and very specific sub forums tailored towards those who want to look into hacking deeper into any kind of content they find interesting.
The Threat Actor’s Post
A recent post on RaidForums by a threat actor has caused the website to be blocked in Indonesia. The post threatened to leak personal data of 1 million Indonesian citizens, claiming to have access to a database containing the personal details of 279 million Indonesian citizens. This post has caused alarm and worry in Indonesia, leading to it being blocked as a precaution.
Let’s look at the post and what it means for Indonesia.
What did the actor post?
The threat actor post can range from malicious intent to testing the limits of what they can achieve. Depending on the post, the goal may be to spread malicious software and viruses, redirect customers to fraudulent websites, or phish sensitive information from unsuspecting victims.
Most threat actors post in a specific medium or forum, such as dark web forums, social media platforms, text messaging services like SMS and WhatsApp, online marketplaces for illegal services, or even non-traditional communication mechanisms such as RF transmissions. In addition, threat actors can aim to carry out their malicious activities through different methods and strategies—such as DDoS attacks.
Threat actors may also use publicly available social media posts and emails to further their malicious activities. For example, threat actors might be looking for personal information posted publicly (e.g., contact information) that they could use in scams and other attacks. They might also search through common search engines such as Google for contact information or vulnerable systems they could exploit.
In addition to this direct activity on the internet or through certain channels like email and text message services, threat actors often target specific organisations by emailing them with threats or attempting to access their networks without permission. These activities are known as ‘spear phishing.’ Finally, Threat Actors may attempt to break into secured networks using brute force tactics or exploit vulnerabilities in website applications using tools like bots and malware.
How did the post become public?
The question of how the post became public remains under investigation. We can speculate about the potential methods used as we continue to review the data. The threat actor maintained control over the post for some time, leaving the possibility that they could have shared it through different protocols, including social media platforms and messenger services. It is also possible that after gaining access to the victim’s system, they could send out messages via email or cloud services integrated into their account.
Further investigation of various online marketplaces indicates it may have been made available through a dark web platform accessed by malicious actors. Such marketplaces may provide anonymity to those who purchase or divest in illicit materials such as stolen credentials and personal data. Organisations must remain vigilant when looking internally for exposed systems and externally for dark web platforms marketing stolen assets related to their operations and technology use profiles.
The Aftermath
In the aftermath of a threat actor leaking personal data of 1 million Indonesians and claiming to possess data of a staggering 279 million Indonesians in a post, RaidForums has been blocked in Indonesia. This incident has led to a massive discussion surrounding cyber security in Indonesia and the legal implications of such a data breach.
This article will provide an overview of the incident, and explore the legal and ethical implications of the data leak.
How did the Indonesian government respond?
After the uprising, the Indonesian government responded in several ways to restore order and rebuild the country. The government declared martial law, suspending civil liberties and allowing military forces to take control of many aspects of society. They also imposed strict limitations on public gatherings, censorship of media sources, enacted legislation restricting expression, mobility, and activity of political opposition parties, and instituted racial segregation known as the “May 30 Decree”.
In addition to these measures, the Indonesian government restored services and infrastructure damaged during the revolt. For example, resources were allocated for rebuilding airports and roads damaged by engineering failures or sabotage by protesters. In addition, civic projects were implemented to restore economic stability by employing downsized workers released after the revolt.
The Indonesian government has also encouraged reconciliation dialogues between individuals affected by the events of May 1998. In addition, they established programs such as truth-telling workshops that focused on facing history from different perspectives and promoted understanding among people with different backgrounds. Finally, they have tried to protect citizens’ rights within their borders by strengthening enforcement employees’ rights in labour dispute laws since 1998 through initiatives such as allowing collective bargaining agreements when businesses face financial difficulty.
What measures have been taken to protect Indonesian citizens?
In the wake of the earthquake and tsunami that struck Indonesia, the government has taken numerous actions to help protect citizens in the region. This includes distributing aid and resources, providing psychological and emotional support, issuing early warning systems, setting up evacuation shelters and establishing safe zones to ensure the safety of impact areas.
The Indonesian government is working with various foreign partners to deliver immediate humanitarian assistance to affected communities, including food, medical supplies, generators and tents. Repatriation operations have also been organised for survivors who have been displaced from their homes.
The government also undertook extensive infrastructure development in response to the disaster. This included:
- Building a system of electronic ocean buoys (‘Tsuna-metres’) that continually monitor movements in the sea.
- Installing real-time satellite imagery technology.
- Creating town development plans.
- Constructing underground seawalls near coastal villages.
- Strengthening structural integrity within buildings near volcanic regions.
- Bolstering state resilience systems for natural disasters.
Psychological services are now available in many areas impacted by the disaster to help individuals recover from trauma associated with losing loved ones or homes due to natural disasters. The construction of safe zones is another measure that has been taken by Indonesian authorities to ensure citizens in at-risk areas can remain secure during natural disasters or other emergencies.
tags = RaidForums, Indonesia, leaked personal data, data of 279M Indonesians, raidforums indonesia 1m indonesianscimpanu therecord, well-known cybercrime hub, threat actor leaked personal data