The dismantling of PopeyeTools is part of a broader effort by the Department of Justice to combat cybercrime and protect the public from financial fraud.

Law enforcement seized approximately $283,000 in cryptocurrency from an account controlled by Abdul Sami, along with multiple domains associated with the platform.

The seized domains included www.PopeyeTools.com, www.PopeyeTools.co.uk, and www.PopeyeTools.to, which had facilitated access to the marketplace since its inception.

Previous law enforcement actions against cybercriminals include the May 2024 seizure of the data theft forum Breachforums, which has since resumed operations with restricted access.

The marketplace reportedly generated an estimated revenue of $1.7 million from the sale of personal and financial information of over 227,000 individuals, offering 'quality' stolen financial data for around $30 per set.

PopeyeTools featured sections for unauthorized payment card data, personally identifiable information (PII), and tools for fraud, along with customer support for validating stolen data.

U.S. authorities have seized the cybercrime website 'PopeyeTools' and unsealed charges against its three administrators: Abdul Ghaffar, Abdul Sami, and Javed Mirza.

These administrators, aged 25, 35, and 37, face serious charges including conspiracy to commit access device fraud, trafficking access devices, and solicitation to offer access devices, each carrying a maximum penalty of 10 years in prison.

PopeyeTools, operational since approximately 2016, was a significant platform for selling sensitive financial data, illegal goods, and cybercrime tools to thousands of users worldwide, many of whom were linked to ransomware activities.

Data traded on the site included bank information, credit and debit card details, and other necessary transactional information, facilitating fraudulent transactions.

The platform provided guarantees for purchased credit cards, promising replacements or refunds if the cards were invalid, and offered services to verify the validity of the stolen information.

As of now, there have been no arrests made, and it remains unclear where the suspects are located or if extradition can be pursued.