The US Department of Justice (DoJ) and the Dutch National Police have seized 39 domains linked to a Pakistan-based cybercrime network operated by a group known as Saim Raza, or HeartSender. The sites sold malicious tools to transnational organized crime groups.
According to an affidavit supporting the seizures, the Saim Raza network had been active since at least 2020, peddling phishing toolkits and other fraudulent resources to malefactors who used them to target victims in the States. The DoJ estimates that these activities have resulted in more than $3 million in financial losses.
The seized domains acted as dark marketplaces for a slew of criminal tools, including phishing kits, scam pages, and email extractors—software widely used to support wide-scale fraud operations. The DoJ daid the group not only sold these tools but provided instructional YouTube videos to teach bad actors how to use them effectively, too.
Furthermore, Saim Raza touted its tools as “fully undetectable” by antispam and security software, making them a compelling proposition for attackers, even those with relatively few technical skills.
The majority of these tools were aimed at enabling business email compromise (BEC). Threat actors used the software to fool companies into transferring funds to illegitimate accounts, resulting in substantial financial damage. Stolen user credentials obtained gleaned through phishing campaigns were also used to carry out additional acts of fraud.
The DoJ said seizing the domains aims to disrupt ongoing cybercriminal operations and limit the proliferation of these illicit tools. Officials stressed the significance of international cooperation in combatting cybercrime.
Supervisory Official Antoinette Bacon of the Justice Department’s Criminal Division, US Attorney Nicholas Ganjei for the Southern District of Texas, and Special Agent in Charge Douglas Williams of the FBI Houston Field Office jointly announced the operation.
The FBI Houston Field Office led the investigation, with critical assistance from law enforcement authorities in the Netherlands. The case is being prosecuted by Trial Attorney Gaelin Bernstein of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant US Attorney Rodolfo Ramirez for the Southern District of Texas.
The DoJ said it remains committed to dismantling underground enterprises that aid fraud and financial crimes worldwide.
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.