- 3,002
- 280
- 1,730
Law enforcement in the United States and the Netherlands have seized 39 domains and associated servers used by the Pakistani phishing group HeartSender. HeartSender (also known as Saim Raza and Manipulators Team) operated hacker marketplaces for more than a decade. Authorities allege that the group sold hacking and fraud tools, including phishing kits, malware, and spam services, to “international organized crime groups.” Although the group’s activity slowed after prominent security journalist Brian Krebs exposed its activities, the group used multiple branded stores (advertised on YouTube) on different domains to reduce the risk of infrastructure takeover and deter competition. Dutch police began investigating the hackers in late 2022. U.S. law enforcement later joined the operation, dubbed Heart Blocker. According to a press release from the US Department of Justice, American citizens alone suffered losses of more than $3 million, and the HeartSender datasets contained information stolen from millions of people around the world.
[td]“Saim Raza’s websites functioned as marketplaces that advertised and sold tools such as phishing kits, fraudulent pages, and email extractors, which were often used to create and maintain fraudulent operations. Not only did Saim Raza make these tools widely available on the open internet, but it also trained end users on how to use them against victims. The group posted links to YouTube tutorials on how to execute the malware schemes, making them accessible to criminals who lacked the same technical and criminal expertise. The group also advertised its tools as being “completely undetectable” to anti-spam software,” the Justice Department said.[/td]According to the investigation, cybercriminals mainly used HeartSender tools to increase the efficiency and facilitate BEC attacks (from English business email compromise). In addition, the tools were used to obtain user credentials and then used in fraudulent schemes.
US and Dutch authorities have not reported whether the Heart Blocker operation led to any charges or arrests.
Dutch police have published a special tool with which you can search for your data in the datasets seized from HeartSender.
US and Dutch authorities have not reported whether the Heart Blocker operation led to any charges or arrests.
Dutch police have published a special tool with which you can search for your data in the datasets seized from HeartSender.