HomeSecurity ArchitectureThe FBI and Dutch Police Disrupt Manipulaters Phishing Gang – Krebs on...

The FBI and Dutch Police Disrupt Manipulaters Phishing Gang – Krebs on Security

Published on

spot_img

Dozens of servers and domains associated with a notorious spam and malware operation based in Pakistan were seized this week by the FBI and authorities in The Netherlands. The group, known collectively as “The Manipulaters,” has been under scrutiny since 2015 for their illegal activities. The main clients of this service are organized crime groups that utilize phishing and malware to deceive companies into making payments to a third party.

The cybercrime service, which includes brands such as Heartsender, Fudpage, and Fudtools, is specifically designed to evade detection by security tools like antivirus software and anti-spam appliances. The recent seizure by Dutch authorities involved 39 servers and domains located abroad, containing millions of records from victims worldwide, including about 100,000 records related to Dutch citizens.

The U.S. Department of Justice has identified the cybercrime group as “Saim Raza,” a pseudonym used by The Manipulaters to promote their illicit services on social media platforms. These services include phishing kits, scam pages, and email extractors used by organized crime groups to conduct business email compromise schemes. In such schemes, companies are tricked into making payments that are redirected to accounts controlled by the cybercriminals, leading to significant financial losses for the victims.

Heartsender, the primary product offered by The Manipulaters, is a spam delivery service that openly advertised phishing kits targeting users of popular internet companies like Microsoft 365, Yahoo, and iCloud. The disruption of this cybercrime group is aimed at halting the proliferation of tools used in fraudulent schemes and protecting potential victims.

The Manipulaters have been previously exposed for their activities, with investigations revealing their lack of concern for protecting their identity and their customers. DomainTools found that the group’s web-hosted version of Heartsender leaked sensitive user information, including credentials and email records. Additionally, evidence showed that the group’s computers were infected with password-stealing malware, leading to the theft and sale of numerous credentials online.

Authorities in The Netherlands are continuing their investigation into the owners and customers of the cybercrime service, with a focus on identifying buyers and potential Dutch nationals involved in the illegal activities. In a coordinated effort, law enforcement agencies in the U.S., Australia, France, Greece, Italy, Romania, and Spain also seized domains associated with longstanding cybercrime forums such as Cracked and Nulled, which collectively attracted millions of users.

The operation, known as “Operation Talent,” also targeted platforms like Sellix, an e-commerce platform used by cybercriminals to trade illicit goods and services. These efforts demonstrate a global commitment to combating cybercrime and protecting individuals and organizations from online threats. The investigation into The Manipulaters and other cybercrime operations is ongoing, with authorities working to dismantle these networks and hold those responsible accountable for their actions.

Source link

Latest articles

FastNetMon Introduces Netomics, a Self-Hosted Routing Intelligence Platform

London, United Kingdom, July 10th, 2026, CyberNewswire In a significant development within the realm of...

Microsoft Alerts Users to Rising Volume of Security Updates

Microsoft has issued a cautionary statement to its customers concerning a significant increase in...

ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust and 17 Additional Stories

The Hidden Dangers of Neglected Security Practices: A Comprehensive Overview of Threats This Week The...

Microsoft Unveils GigaWiper: A Backdoor Engineered for On-Demand Destruction

Unveiling the Capabilities of GigaWiper: A New Threat in Cybersecurity Recent findings have shed light...

More like this

FastNetMon Introduces Netomics, a Self-Hosted Routing Intelligence Platform

London, United Kingdom, July 10th, 2026, CyberNewswire In a significant development within the realm of...

Microsoft Alerts Users to Rising Volume of Security Updates

Microsoft has issued a cautionary statement to its customers concerning a significant increase in...

ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust and 17 Additional Stories

The Hidden Dangers of Neglected Security Practices: A Comprehensive Overview of Threats This Week The...