After a Decade-Long Manhunt, Algeria Apprehends the Mastermind Behind One of the World’s Most Dangerous Cyber-Scam Networks
In a massive international operation spearheaded by Interpol under the codename (Operation Ramz) (which means "code" in the Arabic language), and in collaboration with the global cybersecurity firm (Group-IB), Algerian authorities have successfully arrested the developer and primary administrator of (SniperDz,) one of the internet's most notorious and dangerous phishing platforms.
The suspect, widely known as (Guedz,) had been operating the platform from within Algeria. He managed to evade law enforcement for years until his run finally came to an end following complex investigations that spanned multiple countries.
However, the story goes far beyond the arrest of a single individual. (Operation Ramz) targeted cybercrime across 13 Arab nations, resulting in the arrest of 201 suspects involved in various digital crimes. Additionally, 382 other suspects have been identified and remain under close surveillance and investigation.
As part of the regional crackdown, three cyber-criminals were arrested in Morocco. Meanwhile, in Jordan, authorities dismantled an investment scam network tied to a human trafficking ring that forced its victims to deploy malware and execute cyber-fraud operations on behalf of the syndicate.
The (SniperDz) platform itself was a highly sophisticated model of what is known as (Phishing-as-a-Service) (PaaS). Essentially, anyone with malicious intent to steal accounts or conduct cyber-scams could simply pay to use the ready-made turnkey tools provided by the platform.
Since 2015, the platform has been implicated in:
Creating and managing over (20,000 phishing domains).
Operating (53 servers) dedicated to hosting phishing campaigns.
Providing more than (80 professional templates) designed to hijack accounts.
Supporting (five languages): Arabic, English, French, Spanish, and Hebrew.
Mimicking the login pages of dozens of global brands and digital services.
Among the most prominent spoofed targets were global giants such as (PayPal, Facebook, Instagram, Yahoo, Netflix, and Steam), alongside numerous major telecommunications and digital service providers.
More alarmingly, security reports published by specialized firms like (Palo Alto Networks) indicated that a significant portion of the victims were located in the United States, where these spoofed pages were weaponized to steal banking credentials and electronic payment card data.
In the end, however, the empire crumbled due to a remarkably simple oversight.
According to investigations, (Guedz) regularly published instructional videos and tutorials for new users on the platform to teach them how to deploy his phishing tools. While recording one of these videos, a portion of the platform's administrative control panel was accidentally exposed. This brief slip-on-screen revealed sensitive data, email addresses, and technical configurations that allowed security researchers to trace his true identity and link him directly to the infrastructure powering the network.
Thus, after years of hiding behind sophisticated identity-masking techniques, his operations were brought down by a few misplaced seconds of footage containing information that was never meant to see the light of day.
The ultimate takeaway from this case? In the realm of cybersecurity, the largest criminal enterprises often collapse not because of complex technical breaches, but due to a single, minor human error.
#CyberSecurity #InterpolArrest #CryptoSecurity #algeria #Paypal 
