FBI, Netherlands police shut down Pakistani cybercrime network

America's Federal Bureau of Investigation (FBI) and Netherlands Police have shut down 39 websites and their connected servers in Pakistan that were used to sell hacking and fraud tools as part of a joint operation to fight cybercrime.

According to the U.S. Department of Justice and the FBI, a man named Saim Raza, also known as "Heart Sender," was running the cybercrime network.

The U.S. authorities submitted documents showing that Saim Raza had been running these "cybercrime websites" since at least 2020. These websites were selling hacking tools that criminals used to commit fraud and cyberattacks.

The network sold the tools to international criminal groups, who then used them to scam people in the United States, causing financial losses of at least $3 million.

U.S. Attorney Nicholas J. Ganjei commented that almost everyone knows someone who has been affected by computer hacking. The frauds not only target businesses but also harm ordinary people, causing them stress and financial trouble.

Regarding Saim Raza’s network, he added that even though these people were based in another country, they were easily spreading hacking tools for money through their website. But today, authorities have significantly reduced their ability to harm others.

How Did the Investigation Start?

In 2022, Dutch police found a fraud software on a suspect’s computer during a separate investigation. This led to a deeper probe into the network. The Netherlands Police revealed that this network was already under investigation in the United States. The criminals ran ‘web shops’ where they advertised these hacking tools on YouTube to attract buyers.

The network was selling hacking tools such as scampages, which are fake websites used to steal personal data, senders, which are tools for sending mass fraudulent emails, and cookie grabbers, which are tools that steal login details.

The Netherlands Police explained that these tools allowed criminals to send mass scam emails or steal people's IDs and passwords. The U.S. Department of Justice also stated that Saim Raza’s network not only sold hacking tools but also uploaded YouTube tutorials on how to use them.

The Netherlands Police confirmed that some buyers of these tools were from their own country, and investigations into them are going on. 

How Did Criminals Use These Tools?

The U.S. Department of Justice has said that international criminal groups used the tools for business email fraud, tricking companies into transferring money to third-party accounts, which actually belonged to the criminals. This led to huge financial losses for the victims.

During the investigation, Netherlands Police discovered that Heart Sender had stored a database of nearly 100,000 stolen usernames and passwords. These were likely used for fraudulent activities.

Past Cybercrime Activities

This is not the first time Saim Raza or the Heart Sender group have been linked to hacking and fraud.

Brian Krebs, a former American journalist and digital security expert, has been investigating the network for nearly a decade. He wrote on his website that the cybercriminal group in Pakistan is also known as ‘DomManipulators.’

Krebs first reported about the group in 2015, claiming they ran hundreds of websites selling hacking tools designed to steal people's personal information.

How to Protect Yourself?

To avoid falling victim to cyber fraud, do not download unknown apps from untrusted sources. Do not click on links from unknown emails or messages. Be cautious of free software or financial offers that seem too good to be true.