DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Justice Department Seizes Cybercrime Website and Charges Its Administrators

Posted on November 21, 2024 by Dissent

Three Administrators Charged and Cryptocurrency Seized

The Justice Department today announced the seizure of PopeyeTools, an illicit website and marketplace dedicated to selling stolen credit cards and other tools for carrying out cybercrime and fraud, and unsealed criminal charges against three PopeyeTools administrators: Abdul Ghaffar, 25, of Pakistan; Abdul Sami, 35, of Pakistan; and Javed Mirza, 37, of Afghanistan.

According to a criminal complaint unsealed today, Ghaffar, Sami, and Mirza are charged with conspiracy to commit access device fraud, trafficking access devices, and solicitation of another person for the purposes of offering access devices, arising from their roles as administrators of the PopeyeTools website.

As part of the actions announced today, the United States obtained judicial authorization to seize the domains www.PopeyeTools.com, www.PopeyeTools.uk, and www.PopeyeTools.to, which long hosted and facilitated access to the PopeyeTools website. According to the affidavit filed in support of these seizures, since in or around 2016, PopeyeTools served as a significant online marketplace dedicated to selling sensitive financial data and other illicit goods and tools of cybercrime to thousands of users around the world, including users associated with ransomware activity. Some of the stolen information included bank account, credit card, and debit card numbers and associated information for conducting transactions. Since its inception, PopeyeTools has offered for sale the access devices and personally identifiable information (PII) of at least 227,000 individuals and generated at least $1.7 million in revenue.

“As alleged, Ghaffar, Sami, and Mirza founded and ran a longstanding online marketplace that sold illicit goods and services for use in committing cybercrimes, including ransomware attacks and financial frauds,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Today’s announcement of the takedown of the PopeyeTools domains, the criminal charges against its operators, and the seizure of cryptocurrency is yet another example of the department’s ‘all-tools’ approach to combatting cybercrime. Working with our domestic and international partners, the Criminal Division is committed to disrupting illicit enterprises through every available means, including by taking over their websites, charging culpable individuals, and seizing their illicit proceeds.”

“Cybercrime knows no boundaries,” said U.S. Attorney Trini E. Ross for the Western District of New York. “I continue to commend the work of our federal law enforcement partners, who joined forces with law enforcement across the globe, to disrupt this illicit marketplace. The perpetrators of this illegal marketplace allegedly sold the credit card information and personally identifiable information of hundreds of thousands of victims, some who live in western New York. Because of the incredible work of law enforcement, this illegal website has been seized and taken down so no one else can be victimized.”

“Today’s seizure of PopeyeTools, an illegal website and marketplace, highlights the FBI’s dedication to weaken cybercrime,” said Special Agent in Charge Matthew Miraglia of the FBI Buffalo Field Office. “This takedown is a significant example of the FBI’s technical capabilities, as well as our strong relationships with our international partners to protect people from cybercriminals operating these types of online marketplaces.”

According to court documents, the PopeyeTools marketplace’s motto was “We Believe in Quality Not Quantity,” and the website made a name for itself by allegedly selling stolen access devices and other illicit goods and services that were valid and thereby suited to committing financial fraud. For instance, the “Live Fullz” section offered unauthorized payment card data and PII for cards that were marketed as “live” — i.e., could be used to conduct fraudulent transactions — at a price of approximately $30 per card. Other sections included “Fresh Bank Logs,” which offered logs of stolen bank account information, “Fresh Leads” or email spam lists, “Scam pages,” and “Guides and Tutorials.”

To attract members to the marketplace, PopeyeTools allegedly promised to refund or replace purchased credit cards that were no longer valid at the time of sale. In addition, at different times, PopeyeTools provided customers with access to services that could be used to check the validity of bank account, credit card, or debit card numbers offered through the website.

As part of the actions announced today, the United States also obtained judicial authorization to seize approximately $283,000 worth of cryptocurrencies from a cryptocurrency account controlled by Sami.

If convicted, Ghaffar, Sami, and Mirza face a maximum penalty of 10 years in prison on each of the three access device offenses. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI Buffalo Field Office investigated the case.

The Justice Department’s Office of International Affairs provided assistance. The Justice Department appreciates the significant assistance provided by law enforcement partners in the United Kingdom and Malaysia.

Senior Counsel Aarash A. Haghighat of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Paul Bonanno for the Western District of New York are prosecuting the case. Assistant U.S. Attorney Elizabeth Palma for the Western District of New York also assisted with the announced seizures.

A criminal complaint is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Updated November 20, 2024

Source: U.S. Department of Justice

Category: ID TheftOf NoteOther

Post navigation

← 5 Alleged Members of Scattered Spider Charged Federally (1)
Cyberattack at French hospital exposes health data of 750,000 patients →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Masimo Manufacturing Facilities Hit by Cyberattack
  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
  • Florida bill requiring encryption backdoors for social media accounts has failed
  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.