Tuesday, April 29, 2025
HomeCyber CrimeMalware Operators Arrested for Running Services To Bypass Antivirus Software

Malware Operators Arrested for Running Services To Bypass Antivirus Software

Published on

SIEM as a Service

Follow Us on Google News

Romanian police forces have arrested two individuals this week, for allegedly running two malware crypting services like CyberSeal and DataProtector to escape antivirus software detection.

These services were purchased by quite 1560 criminals and used for crypting several different types of malware, including Remote Access Trojans, Information stealers, and Ransomware.

The pair used the Cyberscan service also which allowed their clients to test their malware against antivirus tools.

- Advertisement - Google News

How do Criminals Bypass Antivirus Software?

Generally, hackers bypass antivirus detection through the utilization of crypters that encrypt or hide the primary code in a piece of software, usually malware to pretend to be something harmless until it gets installed on the victim’s device.

In this case, the services provided by these two suspects fall into a similar category and are offered for sale in the underground criminal market since 2010. Their clients paid between US$40 to US$300 for these crypting services, counting on license conditions. Their service activity was well structured and offered regular updates and customer support to the clients.

The criminals also offered a Counter Antivirus platform allowing criminals to test their malware samples against antivirus software until the malware becomes fully undetectable (FUD). The costs of this service varied between US$7 to US$40.

The Action took place against this Case

The agreed action, in this case, was led by Europol’s European Cybercrime (EC3) which smooth the progress of the exchange of data and provided forensic, malware, and operational analysis in grounding for the action.

European enforcement agencies and therefore the FBI collaborated to chase down the service operators. Therefore, the CyberSeal (cyber-seal.org) and Cyberscan (cyberscan.org) websites are now offline. These services were very well-networked on the dark web.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Also Read

Top 10 Best Free Antivirus Download For PC 2020

Mobile spyware that steal Twitter credentials uses sandbox to Evade antivirus detections

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Blinded from Above: How Relentless Cyber-Attacks Are Knocking Satellites Out of Sight

According to the Center for Strategic & International Studies' (CSIS) 2025 Space Threat Assessment,...

Google Chrome Vulnerability Allows Attackers to Bypass Sandbox Restrictions – Technical Details Revealed

A severe vulnerability, identified as CVE-2025-2783, has been discovered in Google Chrome, specifically targeting...

Threat Actors Accelerate Transition from Reconnaissance to Compromise – New Report Finds

Cybercriminals are leveraging automation across the entire attack chain, drastically reducing the time from...

ResolverRAT Targets Healthcare and Pharmaceutical Sectors Through Sophisticated Phishing Attacks

A previously undocumented remote access trojan (RAT) named ResolverRAT has surfaced, specifically targeting healthcare...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

RansomHub Ransomware Deploys Malware to Breach Corporate Networks

The eSentire’s Threat Response Unit (TRU) in early March 2025, a sophisticated cyberattack leveraging...

Advanced Multi-Stage Carding Attack Hits Magento Site Using Fake GIFs and Reverse Proxy Malware

A multi-stage carding attack has been uncovered targeting a Magento eCommerce website running an...

Hannibal Stealer: Cracked Variant of Sharp and TX Malware Targets Browsers, Wallets, and FTP Clients

A new cyber threat, dubbed Hannibal Stealer, has surfaced as a rebranded and cracked...