The U.S. Department of Justice has announced the seizure of PopeyeTools, a notorious website and online marketplace used for selling stolen credit card data and other cybercrime tools.

The authorities also unsealed criminal charges against three individuals tied to the site’s operations: Abdul Ghaffar (25) and Abdul Sami (35), both of Pakistan, and Javed Mirza (37) from Afghanistan.

The criminal complaint revealed that the three administrators were involved in a conspiracy to commit access device fraud, trafficking in stolen access devices, and soliciting others to offer these illicit goods. The Justice Department’s actions resulted in the seizure of PopeyeTools’ domains—www.PopeyeTools.com, www.PopeyeTools.uk, and www.PopeyeTools.to—domains that had been central to the marketplace’s illegal operations since at least 2016.

PopeyeTools had become a significant global hub for the sale of sensitive financial information, offering access to stolen credit card, bank account, and debit card data, along with other cybercrime-related tools. Over its lifetime, the site had trafficked in the personal details of at least 227,000 individuals, generating over $1.7 million in illicit revenue.

In a statement, Principal Deputy Assistant Attorney General Nicole M. Argentieri emphasized the Department’s ongoing commitment to using all available resources to combat cybercrime. “Today’s takedown of PopeyeTools and the criminal charges against its operators are part of our broader strategy to disrupt cybercrime networks,” Argentieri said.

Buy Me a Coffee

U.S. Attorney Trini E. Ross praised the global cooperation among law enforcement agencies, emphasizing the far-reaching impact of PopeyeTools, which victimized individuals, including those in Western New York. “Because of the incredible work of law enforcement, this illegal website has been seized, preventing further victimization,” she said.

READ
US Officials Urge Use of Encrypted Apps to Safeguard Communications Amid Ongoing Telecom Hack Risks

The seizure also included the confiscation of approximately $283,000 in cryptocurrency from an account controlled by Sami, underlining the growing intersection of cybercrime and digital currency.

The FBI’s Matthew Miraglia further highlighted the operation’s significance, noting, “This takedown is a testament to the FBI’s technical capabilities and our strong international partnerships to safeguard individuals from cybercriminal activity.”

PopeyeTools’ operations were designed to ensure the sale of “live” stolen payment card data and provide tools for conducting financial fraud. Its services included access to “Live Fullz,” which offered active credit card data for fraudulent transactions, and a range of other illicit goods like bank account logs, email spam lists, and scam guides.

If convicted, Ghaffar, Sami, and Mirza face up to 10 years in prison for each of the three access device offenses. The final sentencing will be determined by a federal district court judge, taking into account federal sentencing guidelines and other relevant factors.