A Man who resided in Latvian has been arrested for running illegal Anti-Virus operation called “Scan4you,” that helps malware authors to test their samples and confirm whether it would be detected by any other antivirus software.
His operation provide some of the sophisticated services for the world’s most destructive hackers to perform various detection test and evade the Legitimate antivirus software to compromise the victims.
Ruslan Bondars Age 37, convicted in a US court of one count of conspiracy to violate the Computer Fraud, commit wire fraud and computer intrusion with intent to cause damage.
Bondars operates Scan4you around 7 years (2009-2016) meanwhile he provided various information to cyber criminals including the details that will determine whether their malware would be detected by antivirus software.
Most of the anti-virus that he provided the information is used to protect major U.S. retailers, financial institutions and government agencies from computer intrusions.
John P. Cronan, Acting Assistant Attorney General of the Justice, said, Ruslans Bondars helped hackers test and improve the malware they then used to inflict hundreds of millions of dollars in losses on American companies and consumers,”
— U.S. Attorney EDVA (@EDVAnews) May 16, 2018
Most Destructive Malware Tested with Scan4you
A customer of Scan4you tested his sample was heavily sophisticated and it was used to steal approximately 40 million credit and debit card numbers.
“Also the Malware steal 70 million addresses, phone numbers and other pieces of personal identifying information, from retail store locations throughout the United States, causing one retailer approximately $292 million in expenses resulting from the intrusion.”
Another malware called “Citadel” also tested within this Scan4you operation that was used to infect over 11 million computers worldwide, including in the United States that resulted in over $500 millions.
According to U.S Justice, Citadel Malware author abused the Scan4you API that was used to directly integrate into the Citadel malware toolkit and the API tool allowed Scan4you users the flexibility to scan malware without the need to directly submit the malware to Scan4you’s website.
Legitimate antivirus scanners such as VirusTotal share data about uploaded files with the antivirus community and notify the result to their users but Scan4you instead informed its users that they could upload files anonymously and promised not to share information about the uploaded files with the antivirus community.
Bondars have chances to faced maximum penalty of 35 years in prison and the sentenced will be held on September 21 2018.