Tuesday, February 4, 2025

U.S. and Dutch authorities have seized 39 domains and servers associated with the HeartSender cybercrime group, which operates out of Pakistan. The group, also known as Saim Raza and Manipulators Team, has been selling phishing tools and malware to cybercriminals since 2020, causing over $3 million in damages in the United States. The seized domains were used in Business Email Compromise (BEC) scams, which trick victims into revealing credentials and redirecting payments to criminals’ accounts.
According to a KrebsOnSecurity report, HeartSender had been advertising its services since 2015. In 2021, key members established WeCodeSolutions to make their illicit profits appear legitimate. However, HeartSender’s website had vulnerabilities that exposed customer data without requiring authentication. Additionally, some members’ computers were found to be infected with password-stealing malware, leading to massive data leaks.
This domain seizure is part of an ongoing effort to disrupt cybercriminal operations and limit the spread of fraudulent tools. Dutch authorities have also launched a public website where individuals can check if their data was stolen by HeartSender. This action marks a significant step in combating cybercrime, which continues to threaten businesses and individuals worldwide.
Source: https://securityaffairs.com/173750/cyber-crime/heartsender-cybercrime-marketplaces-seized.html