Global ‘Heartsender’ phishing operation dismantled as Pakistani authorities arrest 21 in sweeping cybercrime crackdown.
Pakistan’s National Cyber Crime Investigation Agency (NCCIA) has arrested 21 people alleged to be behind “Heartsender,” a malware and phishing infrastructure that covertly supported global fraud networks for over a decade.
The arrests took place during raids in Lahore and Multan on May 15 and 16, targeting individuals allegedly connected to the platform’s development, distribution and commercial operations.
As Pakistani media outlet Dawn reports, Heartsender was openly marketed as a spam and phishing toolkit provider, offering services designed to circumvent email filters and security controls. Such tools are typically labeled as FUD (Fully Un-Detectable) in cybercrime circles.
Investigators believe the Heartsender service played an instrumental role in business email compromise (BEC) schemes across Europe and North America.
The scams often involved impersonating executives or vendors to divert legitimate business payments to criminal-controlled accounts.
The NCCIA estimates that the threat actors amassed over $50 million from US targets alone, while European law enforcement agencies are still probing dozens of additional cases.
Rameez Shahzad, one of those taken into custody, is alleged to be the architect of the operation. He is also allegedly linked to prior ventures under the name “The Manipulaters” and, more recently, a Pakistani tech firm used as a corporate front.
The arrests follow a broader international operation involving the FBI and Dutch authorities that led to the seizure of Heartsender-connected infrastructure and affiliate services.
Other recent operations targeting global cybercrime include Operation ENDGAME, which dismantled major ransomware delivery platforms; the US charging the alleged leader of the Qakbot botnet; and the indictment of 16 suspects tied to the DanaBot malware.
Specialized tools like Bitdefender Ultimate Security can shield you from ransomware, phishing attempts, and other cyber intrusions.
Its key features include complete, real-time protection against cyber threats (viruses, worms, Trojans, spyware, ransomware, and zero-day exploits), network threat prevention, multi-layered ransomware protection, anti-phishing, cryptomining protection, and AI-powered scam detection.
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.