Friday, March 29, 2024

Man will be Sentenced Upto 35 years in Prison For Offer Illegal Anti-Virus Services to Computer Hackers

A Man who resided in Latvian has been arrested for running illegal Anti-Virus operation called “Scan4you,” that helps malware authors to test their samples and confirm whether it would be detected by any other antivirus software.

His operation provide some of the sophisticated services for the world’s most destructive hackers to perform various detection test and evade the Legitimate antivirus software to compromise the victims.

Ruslan Bondars Age 37, convicted in a US court of one count of conspiracy to violate the Computer Fraud, commit wire fraud and computer intrusion with intent to cause damage.

Bondars operates Scan4you around 7 years (2009-2016) meanwhile he provided various information to cyber criminals including the details that will determine whether their malware would be detected by antivirus software.

Most of the anti-virus that he provided the information is used to protect major U.S. retailers, financial institutions and government agencies from computer intrusions.

John P. Cronan, Acting Assistant Attorney General of the Justice, said, Ruslans Bondars helped hackers test and improve the malware they then used to inflict hundreds of millions of dollars in losses on American companies and consumers,”

Most Destructive Malware Tested with Scan4you

A customer of Scan4you tested his sample was heavily sophisticated and it was used to steal approximately 40 million credit and debit card numbers.

“Also the Malware steal 70 million addresses, phone numbers and other pieces of personal identifying information, from retail store locations throughout the United States, causing one retailer approximately $292 million in expenses resulting from the intrusion.”

Another malware called “Citadel” also tested within this Scan4you operation that was used to infect over 11 million computers worldwide, including in the United States that resulted in over $500 millions.

According to U.S Justice, Citadel Malware author abused the Scan4you API that was used to directly integrate into  the Citadel malware toolkit and the  API tool allowed Scan4you users the flexibility to scan malware without the need to directly submit the malware to Scan4you’s website.

 35 Years in Prison

Legitimate antivirus scanners such as VirusTotal share data about uploaded files with the antivirus community and notify the result to  their users but Scan4you instead informed its users that they could upload files anonymously and promised not to share information about the uploaded files with the antivirus community.

Bondars have chances to faced maximum penalty of 35 years in prison and the sentenced will be held on September 21 2018.

Website

Latest articles

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles