{"id":5296,"date":"2025-02-01T06:19:18","date_gmt":"2025-02-01T06:19:18","guid":{"rendered":"https:\/\/weeklyyoung.pk\/?p=5296"},"modified":"2025-02-01T06:19:18","modified_gmt":"2025-02-01T06:19:18","slug":"us-dutch-action-targets-pakistani-cybercrime-outfit","status":"publish","type":"post","link":"https:\/\/weeklyyoung.pk\/?p=5296","title":{"rendered":"US-Dutch action targets \u2018Pakistani\u2019 cybercrime outfit"},"content":{"rendered":"<p>\u2022 DOJ says group known by moniker \u2018The Manipulaters\u2019 operated online marketplace for software used in financial crimes<br \/>\n\u2022 Law enforcement estimates network caused over $3bn in financial losses in US alone<\/p>\n<p>WASHINGTON: In a major international crackdown, US and Dutch authorities claimed to have dismantled a Pakistan-based cybercrime network accused of selling hacking tools and fraud-enabling services to criminals worldwide.<\/p>\n<p>The US Department of Justice (DOJ) identified the network as HeartSender, allegedly led by an individual known as Saim Raza. While the DOJ did not disclose personal details about Raza or his whereabouts, it stated that the network operated online marketplaces for over a decade, facilitating phishing, malware distribution, and large-scale financial fraud.<\/p>\n<p>As part of Operation Heart Blocker, law enforcement agencies seized 39 domains and associated servers used by the network. The DOJ estimated that these platforms caused financial losses exceeding $3 million in the US alone.<\/p>\n<p>\u201cThese scams not only target businesses but individuals as well, causing significant hardship to the victims,\u201d said US Attorney Nicholas J. Ganjei. \u201cEven though these individuals operate from abroad, their websites made it easy to distribute malicious hacking tools for a fee. However, today we have significantly disrupted their ability to harm others.\u201d<\/p>\n<p>The group created and sold phishing kits \u2014 software designed to mimic legitimate login pages for platforms like Microsoft 365, Yahoo, AOL, Intuit, iCloud, and others. These fake pages tricked victims into entering their usernames and passwords, which were then stolen and sold on underground markets.<\/p>\n<p>Their flagship service, HeartSender, was an advanced spam delivery system that enabled criminals to send mass phishing emails while bypassing security filters. The software was available both as a web-based platform and as a downloadable Windows executable.<\/p>\n<p>On Friday, search results for the website heartsender.com return the message: \u2018This website has been seized\u2019, alongside a DOJ notice.<\/p>\n<p>Modus operandi<\/p>\n<p>According to the DOJ, Raza not only sold hacking tools but also trained criminals in their use. The group provided instructional videos on YouTube, demonstrating phishing techniques and methods to evade detection. Their tools were marketed as \u201cfully undetectable\u201d by anti-spam and security software.<\/p>\n<p>The network specialised in business email compromise (BEC) schemes, tricking companies into transferring funds to fraudulent accounts. Stolen user credentials were then used to commit further financial fraud.<\/p>\n<p>Dutch authorities, who played a key role in the operation, have launched a website where individuals can check if their email credentials were compromised. Officials have warned that stolen email addresses could be exploited to target both victims and their contacts.<\/p>\n<p>As part of a parallel investigation under Operation Talent, two suspects were arrested in Spain, and law enforcement seized 17 servers and 12 domains linked to cybercrime platforms, including Cracked.io, Cr acked.to, and Nulled.to. These forums had hosted millions of ads selling hacking tools. The FBI Houston Field Office is leading the investigation, with support from Dutch authorities. The DOJ acknowledged the critical role played by international partners in dismantling the network.<\/p>\n<p>Who is Saim Raza?<\/p>\n<p>Raza is the central figure behind The Manipulaters, a Pakistan-based cybercrime group said to be engaged in phishing and spam operations for over a decade. Under various brand names \u2014including Fudtools, Fudpage, Fudsender, and FudCo \u2014 he specialised in selling tools designed to evade cybersecurity detection.<\/p>\n<p>The term \u201cFUD\u201d stands for \u201cFully Un-Detectable,\u201d and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances.<\/p>\n<p>Despite previous claims of reform, The Manipulaters continued their illicit activities, attracting legal scrutiny. In January 2024, Raza contacted journalist Brian Krebs, pleading for the removal of past reports on his operations.<\/p>\n<p>He claimed to have \u201cleft everything\u201d and disclosed that Pakistani authorities had filed a police report against him. In his message, he alleged that law enforcement was primarily seeking bribes.<\/p>\n<p>Raza later claimed to have left Pakistan, though the credibility of this statement remains uncertain.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u2022 DOJ says group known by moniker \u2018The Manipulaters\u2019 operated online marketplace for software used in financial crimes \u2022 Law enforcement estimates network caused over $3bn in financial losses in US alone WASHINGTON: In a major international crackdown, US and Dutch authorities claimed to have dismantled a Pakistan-based cybercrime network accused of selling hacking tools [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":5297,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-5296","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-court-and-crime"],"_links":{"self":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts\/5296","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5296"}],"version-history":[{"count":1,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts\/5296\/revisions"}],"predecessor-version":[{"id":5298,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts\/5296\/revisions\/5298"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/media\/5297"}],"wp:attachment":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}