Cybercrime

US, Dutch Authorities Disrupt Pakistani Hacking Shop Network

US and Dutch authorities seized 39 domains to disrupt a network of hacking and fraud marketplaces operated by Saim Raza.

US and Dutch authorities seized 39 domains to disrupt a network of hacking and fraud marketplaces operated by Saim Raza.

Authorities in the US and the Netherlands on Thursday announced the disruption of a Pakistan-based network of illicit online marketplaces selling hacking and fraud-enabling tools.

As part of the law enforcement action, named Operation Heart Blocker, 39 domains and their associated servers were seized. For roughly five years, these websites had been operated by a threat actor known as Saim Raza and HeartSender, and advertised as facilitating fraud.

Since 2020, Saim Raza has been selling phishing toolkits, scam pages, email extractors, and cookie grabbers to transnational organized crime groups, who used them to cause more than $3 million in losses to victims in the US.

Saim Raza, the US Department of Justice says, made these fraud-enabling tools available on the open internet, and provided miscreants with instructions and training on how to use them, making them available to cybercriminals who lacked technical expertise.

The tools were advertised as being fully undetectable by antispam solutions, and threat actors leveraged them primarily in business email compromise schemes that convinced victims to make payments to bank accounts controlled by the attackers.

Additionally, the tools allowed threat actors to steal user credentials, which were used as part of the fraud schemes.

Advertisement. Scroll to continue reading.

Thousands of miscreants worldwide bought Saim Raza’s tools to send large volumes of spam and phishing messages and to steal victims’ credentials, the Dutch police said on Thursday.

On the illicit marketplaces, visitors could also buy hacked infrastructure, such as web servers, SMTP servers, and WordPress accounts. Authorities have tracked down “a number of buyers of the tools”, including individuals in the Netherlands.

Millions of data records belonging to individuals worldwide were also found in Saim Raza’s datasets following the seizure, and the Dutch police has set up a website where users can enter their email address to learn if their credentials had been compromised.

Users who receive an email after entering their address, the Dutch police says, should immediately change their login credentials, and should be wary of unsolicited emails that could be phishing attempts. According to law enforcement, the compromised email addresses could also be used to target a victim’s contacts.

Related: Nulled, Other Cybercrime Websites Seized by Law Enforcement

Related: IP Spoofing Attack Tried to Disrupt Tor Network

Related: Bumblebee Malware Loader Resurfaces Following Law Enforcement Takedown

Related: Staying on Topic in an Off Topic World

Related Content

Cyberwarfare

Both foes and allies have targeted the Balochistan Police force in Pakistan for at least two years, according to SentinelOne.

Cybercrime

Hundreds of C&C servers were disrupted in an operation involving law enforcement and several cybersecurity companies.

Cybercrime

Nathan Austad has been ordered to pay roughly $1.8 million in forfeiture and restitution, and the sentence also includes 3 years of supervised release. 

Malware & Threats

Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta.

Cybercrime

26-year-old Abdellah Belmili faces up to 30 years in prison for allegedly operating the marketplaces Market0Day and Spoxy.

Cybercrime

Using a custom sniffer, the threat actor has captured over 110 million credentials since at least February 2026.

Malware & Threats

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame.

Cybercrime

Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version