U.S. and Dutch authorities have successfully disrupted a major Pakistan-based online hacking operation, seizing 39 domains associated with illicit marketplaces selling fraud-enabling tools. This coordinated law enforcement action, dubbed Operation Heart Blocker, aimed to dismantle a network run by Pakistani hacker Saim Raza, also known by his alias HeartSender.
For nearly five years, Raza’s operation sold a wide array of cybercrime tools—including phishing toolkits, email extractors, and cookie grabbers—on the dark web. These tools were primarily marketed to transnational organized crime groups, enabling them to perpetrate fraud schemes that led to over $3 million in losses, particularly targeting victims in the U.S.
The seized websites facilitated business email compromise attacks, where cybercriminals used Raza’s tools to deceive individuals into transferring funds to bank accounts controlled by the perpetrators. In addition, the tools allowed for the theft of login credentials, which were further exploited in various scams. Raza also provided instructional materials and training to help less tech-savvy criminals launch successful attacks.
Thousands of cybercriminals worldwide purchased these tools, which were marketed as “undetectable” by antispam measures. Some of these buyers were located in the Netherlands, where authorities tracked down numerous suspects involved in the distribution and use of the tools. Raza’s marketplaces also offered hacked infrastructure for sale, including web servers and email accounts, fueling further cybercrime operations.
Following the domain seizures, authorities discovered vast datasets containing millions of compromised personal records, affecting individuals across the globe. Dutch police have set up a dedicated website where people can check if their email credentials were part of the breach. If compromised, users are urged to change their login details immediately and be cautious of phishing attempts that may target their contacts.
This operation highlights the growing global effort to combat online fraud and cybercrime by targeting the infrastructure that enables such activities. By disrupting key cybercrime marketplaces, authorities have delivered a significant blow to the tools enabling large-scale online fraud.
Picture from Stockcake
