Monday, June 24, 2024

Man will be Sentenced Upto 35 years in Prison For Offer Illegal Anti-Virus Services to Computer Hackers

A Man who resided in Latvian has been arrested for running illegal Anti-Virus operation called “Scan4you,” that helps malware authors to test their samples and confirm whether it would be detected by any other antivirus software.

His operation provide some of the sophisticated services for the world’s most destructive hackers to perform various detection test and evade the Legitimate antivirus software to compromise the victims.

Ruslan Bondars Age 37, convicted in a US court of one count of conspiracy to violate the Computer Fraud, commit wire fraud and computer intrusion with intent to cause damage.

Bondars operates Scan4you around 7 years (2009-2016) meanwhile he provided various information to cyber criminals including the details that will determine whether their malware would be detected by antivirus software.

Most of the anti-virus that he provided the information is used to protect major U.S. retailers, financial institutions and government agencies from computer intrusions.

John P. Cronan, Acting Assistant Attorney General of the Justice, said, Ruslans Bondars helped hackers test and improve the malware they then used to inflict hundreds of millions of dollars in losses on American companies and consumers,”

Most Destructive Malware Tested with Scan4you

A customer of Scan4you tested his sample was heavily sophisticated and it was used to steal approximately 40 million credit and debit card numbers.

“Also the Malware steal 70 million addresses, phone numbers and other pieces of personal identifying information, from retail store locations throughout the United States, causing one retailer approximately $292 million in expenses resulting from the intrusion.”

Another malware called “Citadel” also tested within this Scan4you operation that was used to infect over 11 million computers worldwide, including in the United States that resulted in over $500 millions.

According to U.S Justice, Citadel Malware author abused the Scan4you API that was used to directly integrate into  the Citadel malware toolkit and the  API tool allowed Scan4you users the flexibility to scan malware without the need to directly submit the malware to Scan4you’s website.

 35 Years in Prison

Legitimate antivirus scanners such as VirusTotal share data about uploaded files with the antivirus community and notify the result to  their users but Scan4you instead informed its users that they could upload files anonymously and promised not to share information about the uploaded files with the antivirus community.

Bondars have chances to faced maximum penalty of 35 years in prison and the sentenced will be held on September 21 2018.


Latest articles

Threat Actor Claiming a 0-day in Linux LPE Via GRUB bootloader

A new threat actor has emerged, claiming a zero-day vulnerability in the Linux GRUB...

LockBit Ransomware Group Claims Hack of US Federal Reserve

The notorious LockBit ransomware group has claimed responsibility for hacking the U.S. Federal Reserve,...

Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data

A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data underlying...

Consulting Companies to Pay $11 Million Failing Cybersecurity Requirements

Two consulting companies, Guidehouse Inc. and Nan McKay and Associates, have agreed to pay...

New RAT Malware SneakyChef & SugarGhost Attack Windows Systems

Talos Intelligence has uncovered a sophisticated cyber campaign attributed to the threat actor SneakyChef....

Chinese Winnti Group Intensifies Financially Motivated Attacks

Hackers are increasingly executing financially motivated attacks and all due to the lucrative potential...

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from for...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles