DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Justice Department Seizes Cybercrime Website and Charges Its Administrators

Posted on November 21, 2024 by Dissent

Three Administrators Charged and Cryptocurrency Seized

The Justice Department today announced the seizure of PopeyeTools, an illicit website and marketplace dedicated to selling stolen credit cards and other tools for carrying out cybercrime and fraud, and unsealed criminal charges against three PopeyeTools administrators: Abdul Ghaffar, 25, of Pakistan; Abdul Sami, 35, of Pakistan; and Javed Mirza, 37, of Afghanistan.

According to a criminal complaint unsealed today, Ghaffar, Sami, and Mirza are charged with conspiracy to commit access device fraud, trafficking access devices, and solicitation of another person for the purposes of offering access devices, arising from their roles as administrators of the PopeyeTools website.

As part of the actions announced today, the United States obtained judicial authorization to seize the domains www.PopeyeTools.com, www.PopeyeTools.uk, and www.PopeyeTools.to, which long hosted and facilitated access to the PopeyeTools website. According to the affidavit filed in support of these seizures, since in or around 2016, PopeyeTools served as a significant online marketplace dedicated to selling sensitive financial data and other illicit goods and tools of cybercrime to thousands of users around the world, including users associated with ransomware activity. Some of the stolen information included bank account, credit card, and debit card numbers and associated information for conducting transactions. Since its inception, PopeyeTools has offered for sale the access devices and personally identifiable information (PII) of at least 227,000 individuals and generated at least $1.7 million in revenue.

“As alleged, Ghaffar, Sami, and Mirza founded and ran a longstanding online marketplace that sold illicit goods and services for use in committing cybercrimes, including ransomware attacks and financial frauds,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Today’s announcement of the takedown of the PopeyeTools domains, the criminal charges against its operators, and the seizure of cryptocurrency is yet another example of the department’s ‘all-tools’ approach to combatting cybercrime. Working with our domestic and international partners, the Criminal Division is committed to disrupting illicit enterprises through every available means, including by taking over their websites, charging culpable individuals, and seizing their illicit proceeds.”

“Cybercrime knows no boundaries,” said U.S. Attorney Trini E. Ross for the Western District of New York. “I continue to commend the work of our federal law enforcement partners, who joined forces with law enforcement across the globe, to disrupt this illicit marketplace. The perpetrators of this illegal marketplace allegedly sold the credit card information and personally identifiable information of hundreds of thousands of victims, some who live in western New York. Because of the incredible work of law enforcement, this illegal website has been seized and taken down so no one else can be victimized.”

“Today’s seizure of PopeyeTools, an illegal website and marketplace, highlights the FBI’s dedication to weaken cybercrime,” said Special Agent in Charge Matthew Miraglia of the FBI Buffalo Field Office. “This takedown is a significant example of the FBI’s technical capabilities, as well as our strong relationships with our international partners to protect people from cybercriminals operating these types of online marketplaces.”

According to court documents, the PopeyeTools marketplace’s motto was “We Believe in Quality Not Quantity,” and the website made a name for itself by allegedly selling stolen access devices and other illicit goods and services that were valid and thereby suited to committing financial fraud. For instance, the “Live Fullz” section offered unauthorized payment card data and PII for cards that were marketed as “live” — i.e., could be used to conduct fraudulent transactions — at a price of approximately $30 per card. Other sections included “Fresh Bank Logs,” which offered logs of stolen bank account information, “Fresh Leads” or email spam lists, “Scam pages,” and “Guides and Tutorials.”

To attract members to the marketplace, PopeyeTools allegedly promised to refund or replace purchased credit cards that were no longer valid at the time of sale. In addition, at different times, PopeyeTools provided customers with access to services that could be used to check the validity of bank account, credit card, or debit card numbers offered through the website.

As part of the actions announced today, the United States also obtained judicial authorization to seize approximately $283,000 worth of cryptocurrencies from a cryptocurrency account controlled by Sami.

If convicted, Ghaffar, Sami, and Mirza face a maximum penalty of 10 years in prison on each of the three access device offenses. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI Buffalo Field Office investigated the case.

The Justice Department’s Office of International Affairs provided assistance. The Justice Department appreciates the significant assistance provided by law enforcement partners in the United Kingdom and Malaysia.

Senior Counsel Aarash A. Haghighat of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Paul Bonanno for the Western District of New York are prosecuting the case. Assistant U.S. Attorney Elizabeth Palma for the Western District of New York also assisted with the announced seizures.

A criminal complaint is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Updated November 20, 2024

Source: U.S. Department of Justice

Category: ID TheftOf NoteOther

Post navigation

← 5 Alleged Members of Scattered Spider Charged Federally (1)
Cyberattack at French hospital exposes health data of 750,000 patients →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations
  • HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
  • UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw
  • Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected
  • Russian-linked hackers target UK Defense Ministry while posing as journalists
  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.