Thursday, February 27, 2025

Malware Operators Arrested for Running Services To Bypass Antivirus Software

Romanian police have arrested two individuals this week for allegedly running two malware crypting services, CyberSeal and DataProtector, built to evade antivirus detection.

These services were purchased by more than 1,560 criminals and used to crypt several different types of malware, including Remote Access Trojans, information stealers, and ransomware.

The pair also ran the Cyberscan service, which allowed their clients to test their malware against antivirus tools.

How do Criminals Bypass Antivirus Software?

Generally, attackers evade antivirus detection with crypters: tools that encrypt or otherwise hide the primary code of a piece of software, usually malware, so that it appears harmless until it has been installed on the victim's device.

In this case, the services offered by the two suspects fall into that category and had been sold on underground criminal markets since 2010. Clients paid between US$40 and US$300 for the crypting services, depending on the license conditions. The operation was well structured and offered regular updates and customer support to its clients.

The suspects also offered a Counter Antivirus platform that let criminals test their malware samples against antivirus software until the malware became fully undetectable (FUD). This service cost between US$7 and US$40.
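
One defender-side heuristic that antivirus engines apply against exactly this kind of crypting is byte entropy: a section holding an encrypted or compressed payload looks close to random (near 8 bits per byte), while compiled code and strings sit well below that. The following is an added example, not code from the original article or from any of the services it describes; it constructs a synthetic file image (a text-like region followed by a pseudo-random region standing in for a crypted payload) and flags the high-entropy windows.

```python
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for a uniform spread."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def flag_high_entropy_windows(data: bytes, window: int = 512, threshold: float = 7.0):
    """Slide a fixed-size window over the file image and return (offset, entropy)
    for every window above the threshold. Compiled x86 code and string tables
    usually land around 5 to 6.5 bits/byte; encrypted or packed payloads approach 8,
    which is why packer/crypter heuristics key on this signal."""
    hits = []
    for off in range(0, len(data) - window + 1, window):
        e = shannon_entropy(data[off:off + window])
        if e > threshold:
            hits.append((off, round(e, 2)))
    return hits


# Constructed sample (not a real binary): 1 KiB of repetitive, text-like bytes,
# followed by 1 KiB of seeded pseudo-random bytes that mimic a crypted payload.
# The seed makes the output reproducible across runs.
_rng = random.Random(1337)
LOW_ENTROPY_REGION = (b"This program cannot be run in DOS mode.\r\n" * 26)[:1024]
HIGH_ENTROPY_REGION = bytes(_rng.getrandbits(8) for _ in range(1024))
SAMPLE = LOW_ENTROPY_REGION + HIGH_ENTROPY_REGION


if __name__ == "__main__":
    print(f"text-like region: {shannon_entropy(LOW_ENTROPY_REGION):.2f} bits/byte")
    print(f"random region:    {shannon_entropy(HIGH_ENTROPY_REGION):.2f} bits/byte")
    for off, e in flag_high_entropy_windows(SAMPLE):
        print(f"suspicious window at offset 0x{off:04x}: {e} bits/byte")
```

Entropy alone produces false positives on legitimately compressed or encrypted resources (installers, media, certificates), so in practice it is one feature among many rather than a verdict on its own.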

The Action Taken Against This Operation

The coordinated action in this case was led by Europol's European Cybercrime Centre (EC3), which facilitated the exchange of information and provided forensic, malware, and operational analysis in preparation for the operation.

European law enforcement agencies and the FBI collaborated to track down the service operators. As a result, the CyberSeal (cyber-seal.org) and Cyberscan (cyberscan.org) websites are now offline. These services were well-networked on the dark web.

Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.