U. S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network

Feb 01, 2025Ravie LakshmananCybercrime / Fraud Prevention

In an effort to destroy a community of online marketplaces originating from Pakistan, U.S. and French law enforcement agencies have announced that they have destroyed 39 domains and their related servers.

The motion, which took place on January 29, 2025, has been codenamed Operation Heart Blocker.

The great number of websites in question were bribe-selling hacking software and creating fraud, and they have been run by a group known as Saim Raza, which is also known as HeartSender.

Transnational organized crime groups then used these offers to target a number of Americans victims as part of various business email compromise ( ) schemes, resulting in losses totaling more than$ 3 million.

” The Saim Raza-run websites operated as marketplaces that advertised and facilitated the sale of tools such as phishing kits, scam pages, and email extractors, often used to build and maintain fraud operations”, the U. S. Department of Justice ( DoJ) .

Saim Raza made these tools widely available online, and it also provided end users with training on how to use them against victims by linking to tutorial YouTube videos on how to use these harmful programs, making them accessible to legal actors without this technical background in criminal law.

The DoJ added that the tools that were featured on the markets made it possible to obtain target consumer credentials, which were then used to advance the deceptive schemes.

French police the judicial group sold a number of programs to facilitate online fraud, which could be used by cybercriminals to send phishing emails at a higher rate or to steal username credentials, in a planned statement. Before it shut down, the services is thought to have had a large number of customers.

By visiting the URL “www.” people can test if they are one of the victims of token fraud. politie [. ] nl/checkjehack” and entering their email lists.

Independent security journalist Brian Krebs initially exposed the crime object in May 2015, with a statement from DomainTools last year operational security gaps that suggested some systems associated with the threat actors have been compromised by stealer malware.

The company that despite lacking the technical sophistication that another significant cybercrime vendors do, their most notable feature is that they are one of the first phishing-focused cybercrime marketplaces to diagonally integrate their business model while also expanding their operations to some individually branded stores.

Evidence suggests that The Manipulaters have added new people and that one of their first members have left. They appear to have a physical appearance in Pakistan, including Lahore, Fatehpur, Karachi, and Faisalabad”.

At the end of January 2025, a coordinated law enforcement activity dubbed Talent was launched, which included the elimination of online criminal sites like Cracked, Nulled, Sellix, and StarkRDP.

Found this post interesting? To read more unique information we post, follow us on and Twitter.

Leave a Comment