Cyber Security News

Authorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks

Authorities have seized 39 websites allegedly used to sell hacking tools and fraud-enabling software.

The crackdown targeted a Pakistan-based network of online marketplaces operated by a group known as Saim Raza (aka HeartSender), which allegedly facilitated cyberattacks on individuals and businesses worldwide.

The announcement was made by U.S. Attorney Nicholas J. Ganjei, Supervisory Official Antoinette T. Bacon of the Justice Department’s Criminal Division, and Special Agent in Charge Douglas Williams of the FBI.

The operation, conducted on January 29, was a collaborative effort involving the FBI and the Dutch National Police.

The seized websites have been replaced with a seizure notification that displays the logos of the Department of Justice (DOJ) and the FBI, informing visitors that the domains are now under federal custody.

Hacking Tools for Sale Since 2020

According to an affidavit supporting the seizures, Saim Raza used these websites since at least 2020 to sell phishing toolkits, scam pages, and other digital tools designed to facilitate fraud.

These tools were marketed primarily to transnational organized crime groups, who used them to launch various schemes and scams.

The cybercriminals’ activities reportedly caused over $3 million in losses to victims in the United States alone.

“These scams not only target businesses but individuals as well, causing significant hardship to the victims,” said U.S. Attorney Ganjei.

“The ease with which these malicious hacking tools were sold online for a fee made it possible for criminals abroad to harm people globally. Today, however, we have disrupted their operations and delivered a major blow to their ability to continue spreading harm.”

The seized websites not only offered hacking tools for sale but also provided tutorials to assist buyers in using them.

These included links to instructional YouTube videos teaching cybercriminals how to execute phishing schemes using the purchased tools.

Marketed as “fully undetectable” by anti-spam software, these tools provided even low-skilled criminals with the ability to carry out sophisticated cyberattacks.

Fraudulent Schemes and Victim Losses

The primary use of these tools was to facilitate business email compromise (BEC) schemes.

Criminals used these schemes to impersonate executives or vendors and trick companies into transferring funds into accounts controlled by the perpetrators.

The tools also enabled criminals to steal login credentials and escalate fraud operations, leading to significant financial losses.

The seizure of these domains aims to disrupt the ongoing activities of these cybercriminal groups and prevent the further proliferation of these tools.

The FBI’s Houston Field Office spearheaded the investigation, with invaluable cooperation from Dutch authorities.

Assistant U.S. Attorney Rodolfo Ramirez and Trial Attorney Gaelin Bernstein of the Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case.

“While the perpetrators may have operated from abroad, their reach was global, and we will continue our efforts to ensure they face justice,” said Supervisory Official Bacon.

The coordinated takedown highlights the growing international collaboration required to combat cybercrime and the global efforts to protect individuals and organizations from sophisticated hacking networks.

Collect Threat Intelligence with TI Lookup to improve your company’s security - Get 50 Free Request

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…

19 hours ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution…

19 hours ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…

19 hours ago

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…

19 hours ago

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

23 hours ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

24 hours ago