U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DoJ seized credit card marketplace PopeyeTools and charges its administrators

The U.S. seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. The US Department of Justice announced the seizure of PopeyeTools, an illegal carding platform, and charges against three administrators (Abdul Ghaffar (25), of Pakistan; Abdul Sami (35) of Pakistan; and Javed Mirza (37), of Afghanistan). […]

PopeyeTools

The U.S. seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime.

The US Department of Justice announced the seizure of PopeyeTools, an illegal carding platform, and charges against three administrators (Abdul Ghaffar (25), of Pakistan; Abdul Sami (35) of Pakistan; and Javed Mirza (37), of Afghanistan).

The defendants are charged with conspiracy to commit access device fraud, trafficking access devices, and solicitation of another person to offer access devices.

PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. According to DoJ PopeyeTools has offered for sale the access devices and personally identifiable information (PII) of at least 227,000 individuals and generated at least $1.7 million in revenue.

The U.S. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools.

The US authorities seized www.PopeyeTools.co.uk, and www.PopeyeTools.to, which facilitated access to the PopeyeTools website.

To advertise the marketplace, PopeyeTools allegedly promised to refund or replace purchased credit cards that were no longer valid at the time of sale. PopeyeTools also provided customers with access to services that could be used to check the validity of bank account, credit card, or debit card numbers offered through the website.

“As alleged, Ghaffar, Sami, and Mirza founded and ran a longstanding online marketplace that sold illicit goods and services for use in committing cybercrimes, including ransomware attacks and financial frauds,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Today’s announcement of the takedown of the PopeyeTools domains, the criminal charges against its operators, and the seizure of cryptocurrency is yet another example of the department’s ‘all-tools’ approach to combatting cybercrime. Working with our domestic and international partners, the Criminal Division is committed to disrupting illicit enterprises through every available means, including by taking over their websites, charging culpable individuals, and seizing their illicit proceeds.”

If convicted, Ghaffar, Sami, and Mirza each face up to 10 years in prison per access device charge, with sentencing determined by federal guidelines and factors.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)