The U.S. Department of Justice has announced the seizure of the PopeyeTools website, a notorious cybercrime website that facilitated the trafficking of stolen financial information and tools for committing fraud. Along with this major takedown, criminal charges have been filed against three administrators of the site: Abdul Ghaffar, 25, of Pakistan; Abdul Sami, 35, of Pakistan; and Javed Mirza, 37, of Afghanistan.
The trio is accused of running a multi-million-dollar cybercrime operation that sold stolen credit card details, bank account information, and other illicit goods to criminals around the world. The Justice Department’s action marks the latest in a series of efforts to disrupt illegal online marketplaces that contribute to cybercrime, including the recent seizure of the PopeyeTools website, which had been operating since 2016.
The Seizure of the PopeyeTools Website
The website, which has been described as a major hub for cybercriminals, sold access devices such as stolen credit card and bank account numbers, and personally identifiable information (PII) for at least 227,000 individuals. PopeyeTools also allegedly generated over $1.7 million in revenue from its illicit activities.
The cybercrime website PopeyeTools was known for offering a wide array of stolen data, including “live” credit card information, bank logs, and email spam lists, all marketed to criminals seeking to exploit these items for fraudulent activity.
One of the site’s most notable sections, “Live Fullz,” offered working credit card data for around $30 per card, with guarantees that the data would be valid for fraudulent transactions. Another section, “Fresh Bank Logs,” offered stolen banking information, while other parts of the site provided scam guides, tutorials, and spam email lists to help criminals in their endeavors.
In addition to providing stolen financial data, the PopeyeTools website provided tools that allowed customers to verify the validity of stolen data and offered to refund or replace invalid data, further enhancing its reputation as a reliable source for cybercriminals.
The Justice Department’s Role in Disrupting Cybercrime
Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division, emphasized the department’s commitment to using every tool available to combat cybercrime. As alleged, Ghaffar, Sami, and Mirza founded and ran a longstanding online marketplace that sold illicit goods and services for use in committing cybercrimes, including ransomware attacks and financial frauds,” she said. Today’s announcement of the takedown of the PopeyeTools domains, the criminal charges against its operators, and the seizure of cryptocurrency is yet another example of our ‘all-tools’ approach to combatting cybercrime.”
The Justice Department’s efforts to shut down the PopeyeTools website are part of a broader strategy to dismantle online platforms that facilitate cybercrime and fraud. The U.S. government worked closely with international law enforcement agencies, including those from the United Kingdom and Malaysia, to bring the perpetrators to justice.
PopeyeTools Website Shutdown and Cryptocurrency Seizure
The U.S. government took decisive action by obtaining judicial authorization to seize the domains associated with the PopeyeTools website: http://www.PopeyeTools.com, http://www.PopeyeTools.co.uk, and http://www.PopeyeTools.to. The website had been a major platform for the sale of stolen financial data and cybercrime tools. Additionally, the government seized approximately $283,000 worth of cryptocurrency from an account controlled by one of the administrators, Abdul Sami.
The FBI, which played a key role in investigating the PopeyeTools cybercrime website, emphasized that dismantling the infrastructure of cybercriminals is crucial to reducing the threat posed by online fraud. FBI Assistant Director Bryan Vorndran of the Cyber Division stated, “In addition to unsealing charges against the administrators of PopeyeTools, we’ve also seized domains and cryptocurrency associated with the cybercriminal marketplace. The FBI will continue to relentlessly pursue the facilitators of cybercrime along with their tools and resources.”
Legal Consequences for the Administrators
The charges against Abdul Ghaffar, Abdul Sami, and Javed Mirza are serious, with each facing a maximum sentence of 10 years in prison for each of the three access device offenses they are accused of committing. If convicted, the three men will face severe penalties, though a federal judge will determine the final sentence based on the U.S. Sentencing Guidelines and other statutory factors.
U.S. Attorney Trini E. Ross for the Western District of New York stressed the importance of the operation in protecting the public, noting, “I continue to commend the work of our federal law enforcement partners, who joined forces with law enforcement across the globe, to disrupt this illicit marketplace. The perpetrators of this illegal marketplace allegedly sold the credit card information and personally identifiable information of hundreds of thousands of victims, some who live in western New York.”
