
Pakistan arrests 21 in “Heartsender” malware service – Krebs

Pakistani authorities have arrested 21 people accused of operating “Heartsender,” a once popular spam and malware dissemination service that had been around for more than a decade. Heartsender’s main customers were organized crime groups trying to trick victims into paying third parties, and its alleged owners were publicly identified by KrebsOnSecurity after they infected their own computers with malware.

Some of the core developers and sellers posing at a work outing in 2021. WeCodeSolutions boss Rameez Shahzad (in sunglasses) is in the center of this group photo, which was posted by employee Burhan Ul Haq, pictured to the right of Shahzad.

Pakistani media outlet Dawn reports that authorities there arrested 21 people allegedly operating Heartsender, a spam delivery service whose homepage publicly advertised phishing kits targeting users of various internet companies, including Microsoft 365, Yahoo, AOL, Intuit, iCloud and ID.me. Pakistan’s National Cyber Crime Investigation Agency (NCCIA) reportedly conducted raids in Lahore’s Bahria Town and in Multan from May 15 to 16.

The NCCIA told reporters that the group’s tools were linked to losses of more than $50 million in the United States alone, and that European authorities have also investigated 63 cases.

“It’s not only a scam, but it’s essentially a cybercrime university that empowers fraudsters around the world,” NCCIA Director Abdul Ghaffar said at a press conference.

In January 2025, the FBI and Dutch police seized the technical infrastructure of the cybercrime service, which was sold under the brands Heartsender, Fudpage and Fudtools (and many other “FUD” variants). The “FUD” bit stands for “fully undetectable” and refers to cybercrime resources that evade detection by security tools such as antivirus software or anti-spam appliances.

The FBI said the transnational organized crime groups that purchased these services mainly used them to run business email compromise (BEC) schemes, in which cybercrime actors deceive victim companies into paying third parties.

Dawn reported that those arrested included Rameez Shahzad, the alleged leader of the Heartsender cybercrime business, which most recently operated under the Pakistani front company WeCodeSolutions. Mr. Shahzad was named and pictured in a 2021 KrebsOnSecurity story about a series of remarkable operational security errors that exposed the group’s identities, along with Facebook pages showing employees posing for group photos and socializing on work-related outings.

Before folding their operations behind WeCodeSolutions, Shahzad and the others arrested this month operated as a web hosting group calling itself the Manipulators. KrebsOnSecurity first wrote about the Manipulators in May 2015, mainly because their ads at the time blanketed many popular cybercrime forums, and because they were quite open and brazen about what they were doing (even about who they were in real life).

Sometime in 2019, the Manipulators failed to renew their core domain name, Manipulator[.]com, the same one tied to many of the company’s business operations. The domain was soon snapped up by Scylla Intel, a cyber intelligence company that specializes in connecting cybercriminals to their real-life identities. Soon after, Scylla began receiving large volumes of email correspondence intended for the group’s owners.

In 2024, DomainTools.com found that the web-hosted version of Heartsender leaked a large amount of user information to unauthenticated users, including customer credentials and email records from Heartsender employees. DomainTools said malware infections on the Manipulators’ PCs exposed “a vast amount of account-related data and an overview of the group’s membership, operations and location in the broader underground economy.”

Shahzad allegedly used the alias “Saim Raza,” an identity that has contacted KrebsOnSecurity multiple times over the past decade, demanding the removal of stories about the group. The Saim Raza identity most recently contacted this author in November 2024, claiming they had quit the cybercrime industry and turned over a new leaf after a run-in with Pakistani police.

The arrested suspects include Rameez Shahzad, Mohamed Aslan (Rameez’s father), Atif Hussein, Mohamed Umar Elshad, Yasir Ali, Syed Saim Ali Shah, Muhammad Nowsherwan, Burhanul Haq, Adnan Munawar, Abdul Moiz, Hybar ahmar ahmad ahmad ahmad and billb hamad, Muhammad Adeel Akram, Awais Rasool, Usama Farooq, Usama Mehmood and Hamad Nawaz.
