Friday, February 28, 2025
HomeCyber Security NewsAuthorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks

Authorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks

Published on

SIEM as a Service

Follow Us on Google News

Authorities have seized 39 websites allegedly used to sell hacking tools and fraud-enabling software.

The crackdown targeted a Pakistan-based network of online marketplaces operated by a group known as Saim Raza (aka HeartSender), which allegedly facilitated cyberattacks on individuals and businesses worldwide.

The announcement was made by U.S. Attorney Nicholas J. Ganjei, Supervisory Official Antoinette T. Bacon of the Justice Department’s Criminal Division, and Special Agent in Charge Douglas Williams of the FBI.

The operation, conducted on January 29, was a collaborative effort involving the FBI and the Dutch National Police.

The seized websites have been replaced with a seizure notification that displays the logos of the Department of Justice (DOJ) and the FBI, informing visitors that the domains are now under federal custody.

Hacking Tools for Sale Since 2020

According to an affidavit supporting the seizures, Saim Raza used these websites since at least 2020 to sell phishing toolkits, scam pages, and other digital tools designed to facilitate fraud.

These tools were marketed primarily to transnational organized crime groups, who used them to launch various schemes and scams.

The cybercriminals’ activities reportedly caused over $3 million in losses to victims in the United States alone.

“These scams not only target businesses but individuals as well, causing significant hardship to the victims,” said U.S. Attorney Ganjei.

“The ease with which these malicious hacking tools were sold online for a fee made it possible for criminals abroad to harm people globally. Today, however, we have disrupted their operations and delivered a major blow to their ability to continue spreading harm.”

The seized websites not only offered hacking tools for sale but also provided tutorials to assist buyers in using them.

These included links to instructional YouTube videos teaching cybercriminals how to execute phishing schemes using the purchased tools.

Marketed as “fully undetectable” by anti-spam software, these tools provided even low-skilled criminals with the ability to carry out sophisticated cyberattacks.

Fraudulent Schemes and Victim Losses

The primary use of these tools was to facilitate business email compromise (BEC) schemes.

Criminals used these schemes to impersonate executives or vendors and trick companies into transferring funds into accounts controlled by the perpetrators.

The tools also enabled criminals to steal login credentials and escalate fraud operations, leading to significant financial losses.

The seizure of these domains aims to disrupt the ongoing activities of these cybercriminal groups and prevent the further proliferation of these tools.

The FBI’s Houston Field Office spearheaded the investigation, with invaluable cooperation from Dutch authorities.

Assistant U.S. Attorney Rodolfo Ramirez and Trial Attorney Gaelin Bernstein of the Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case.

“While the perpetrators may have operated from abroad, their reach was global, and we will continue our efforts to ensure they face justice,” said Supervisory Official Bacon.

The coordinated takedown highlights the growing international collaboration required to combat cybercrime and the global efforts to protect individuals and organizations from sophisticated hacking networks.

Collect Threat Intelligence with TI Lookup to improve your company’s security - Get 50 Free Request

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access

Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable...

Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally

A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched...

PingAM Java Agent Vulnerability Allows Attackers to Bypass Security

A critical security flaw (CVE-2025-20059) has been identified in supported versions of Ping Identity’s...

New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data

A sophisticated malware campaign leveraging GitHub repositories disguised as game modifications and cracked software...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access

Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable...

Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally

A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched...

PingAM Java Agent Vulnerability Allows Attackers to Bypass Security

A critical security flaw (CVE-2025-20059) has been identified in supported versions of Ping Identity’s...