Industry News

Russian hacker gets 35 years in prison for running counter-AV service

A citizen of the former USSR who had been living in Riga, Latvia faces three charges related to his operation of “Scan4you,” an online counter-antivirus service that helped hackers dodge anti-malware solutions, the US Department of Justice has announced.

Court records reveal that, between 2009 and 2016, 37-year-old Ruslans Bondars operated Scan4you, a service that allowed malware developers to scan their malicious code against known AV solutions protecting millions of systems owned by major U.S. retailers, financial institutions and government agencies.

For instance, Scan4you helped the author of a credit card heist who made off with approximately 40 million credit and debit card numbers, as well as some 70 million addresses, phone numbers and other personal data of U.S. citizens. One retailer, particularly badly hit by the operation, suffered damages of $290 million.

The bad actors behind Citadel, a malware strain used to infect over 11 million computers worldwide, also leveraged Scan4you to hide their tracks. The developers of Citadel have caused their victims around $500 million in fraud-related damages.

“The Citadel developer took advantage of a special feature of Scan4you that allowed its integration directly into the Citadel malware toolkit through an Application Programming Interface, or API. The API tool allowed Scan4you users the flexibility to scan malware without the need to directly submit the malware to Scan4you’s website,” reads the DOJ press release.

Unlike legitimate scanning services, Scan4you was designed to diagnose malware fed to it anonymously – without sharing information about the uploaded files with the AV community.

About the author

Filip TRUTA

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware, and security, and has worked in various B2B and B2C marketing roles. He likes fishing (not phishing), basketball, and playing around in FL Studio.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.