A Decade of Cyber Fraud Comes to an End

A major international police crackdown has finally turned off the lights on Sniper Dz, a notorious online hacking platform that helped criminals steal personal data for over ten years. Led by INTERPOL, the multi-country sweep resulted in the arrest of the group’s main creator and boss, an individual known online as Guedz. The Algerian National Police tracked down and arrested the mastermind behind the operation, which has gone by several other names over the years, including Joker Dz and Storm Dz.

The massive police effort, named Operation Ramz, ran from late 2025 into early 2026. Law enforcement agencies from 13 different countries across the Middle East and North Africa joined forces to smash the network. By the time the dust settled, authorities had locked up 201 people connected to the scam network. Police also grabbed computers, servers, and the malicious code used to trick everyday internet users.

How the Free Hacking Tool Fooled Millions

Sniper Dz operated as a “phishing-as-a-service” business. Essentially, the creators built a ready-to-use digital crime toolkit and let other low-level scammers use it. According to security experts at Group-IB, the group has been up and running since 2015. Over the last decade, tech experts traced more than 20,000 fake web links back to this single operation. The platform created highly realistic fake login screens for 30 of the world’s biggest brands, including Facebook, Netflix, PayPal, and Instagram. To trick as many people as possible, the scammers translated these fake pages into five languages, such as English, Arabic, and French.

What made Sniper Dz incredibly dangerous was its business model: the creators gave away their hacking tools completely free of charge. Normally, cybercriminals have to pay for this kind of software. Sniper Dz broke the mold by letting anyone use their tech, which allowed amateur scammers to launch massive fraud campaigns with zero upfront costs. Instead of charging a fee, the creators made their money by stealing a cut of the data that the amateur hackers collected, creating a dark partnership that compromised at least 45,000 victims.

Stealing Data and Faking Famous Faces

The scammers did not just rely on fake emails. They also used clever psychological tricks to lower people’s guard. Fraudsters set up fake social media accounts using the names and photos of popular politicians and celebrities across the Middle East and North Africa. These fake profiles promised free internet access or special giveaways, luring unsuspecting followers into clicking dangerous links.

Once a victim clicked, the trap snapped shut. Security researchers at Palo Alto Networks Unit 42 had previously warned about the group, noting that they even ran a Telegram channel with thousands of followers to teach people how to use their fraud tools. If a victim fell for the trick and typed in their password, the hackers stole it instantly. If the victim realized it was a scam and refused to type in their info, the website automatically redirected them to other traps, like expensive text-message subscriptions or fake browser alerts. With the platform now completely offline, internet security teams are breathing a sigh of relief, though the hunt continues for smaller copycat groups.