U.S. and Dutch Forces Dismantle $3 Million Cybercrime Network
Netherlands, Monday, 3 February 2025.
In a joint effort, U.S. and Dutch authorities have dismantled HeartSender, a cybercriminal network responsible for $3 million in losses through phishing and fraud schemes.
Operational Details and Impact
The international operation, dubbed ‘Operation Heart Blocker,’ culminated on January 30, 2025, with the seizure of 39 domains and their associated servers [4][5]. Led by the U.S. Department of Justice and Dutch cyber police, the operation targeted HeartSender, a Pakistan-based network operated by Saim Raza, who previously operated under the pseudonym ‘The Manipulators’ [4]. The network’s criminal activities resulted in over $3 million in victim losses in the United States alone [1][5].
Criminal Infrastructure and Methods
HeartSender specialized in selling sophisticated cybercrime tools since at least 2020 [1][4]. Their arsenal included phishing kits, spam delivery systems, and specialized tools marketed as ‘Fully Un-Detectable’ (FUD) to evade security software [4]. Dutch police confirmed the discovery of usernames and passwords belonging to at least 100,000 Dutch citizens on the marketplaces [4]. The network particularly focused on Business Email Compromise (BEC) schemes, facilitating credential theft and mass phishing campaigns [1].
Law Enforcement Response and Public Safety Measures
The investigation began in late 2022 after authorities discovered phishing software on a suspect’s computer [4]. In response to the threat, Dutch police launched a dedicated website enabling individuals to check if their email credentials were compromised during the operation [1][6]. U.S. Attorney Nicholas J. Ganjei emphasized the widespread impact, stating that ‘These scams not only target businesses but individuals as well, causing significant hardship to the victims’ [6].
International Collaboration and Future Implications
The successful dismantling of HeartSender demonstrates the growing effectiveness of international law enforcement cooperation [1]. The operation coincided with actions against other hacker marketplaces, including Cracked.io and Nulled.to, which had combined revenues exceeding $5 million and nearly 10 million users [4]. As of February 3, 2025, the former HeartSender domain displays a Department of Justice seizure notice, marking a significant victory in the ongoing fight against cybercrime [6].