HomeTech PlusTECH & OTHER NEWSTwo Romanians arrested for running three malware services

Two Romanians arrested for running three malware services

cuberseal-ad.png

A part of the CyberSeal ads posted on a hacking forum

Image: ZDNet

Romanian police forces have arrested on Thursday two individuals suspected of running three online services meant to aid malware development and distribution.

The arrests are part of a joint operation that included the FBI, Europol, Australian, and Norwegian police.

Investigators said the two Romanian suspects are believed to be the creators of three services named CyberSeal, DataProtector, and CyberScan.

The first two are so-called “crypter” services. These types of tools allow malware developers to scramble their malware’s code to bypass and evade antivirus software.

The third service, called CyberScan, worked as a clone of Google’s VirusTotal service. It allowed malware authors to upload and scan their new malware releases and see if it would be detected by antivirus software.

The difference between CyberScan and VirusTotal was that CyberScan didn’t share scan results with antivirus vendors, allowing malware authors to test the detectability of their payloads without having to fear that a “detection alert” would be sent back to the antivirus company and trigger an investigation.

The two suspects had been active on the malware scene since at least 2014 when they first began advertising CyberSeal. The two other services were launched in 2015 (DataProtector) and 2019 (CyberScan).

All three were advertised on multiple hacking forums for prices ranging from $40 to $150.

dataprotector-ad.pngdataprotector-ad.png

An ad for the DataProtector crypter service on a well-known hacking forum

Image: ZDNet

cyberscan-ad.pngcyberscan-ad.png

An ad promoting the CyberScan service

Image:ZDNet

Europol said the three tools have often been used to crypt and test different types of malware, such as RATs (Remote Access Trojans), information stealers, and ransomware.

More than 1,560 malware authors used the two crypting services to scramble the code of more than 3,000 malware strains.

Authorities cracked down against the gang yesterday, Thursday, November 19, when they searched four locations in the cities of Bucharest and Craiova in Southern Romania and made the two arrests.

According to Romania’s Directorate for Investigating Organized Crime and Terrorism (DIICOT), two other persons were also questioned, believed to be part of the group.

Investigators also took down servers in Romania, Norway, and the US. The cyber-seal.org and cyberscan.org domains, used to host two of the services, are now offline.

By ZDNet Source Link

Technology For You
Technology For Youhttps://www.technologyforyou.org
Technology For You - One of the Leading Online TECHNOLOGY NEWS Media providing the Latest & Real-time news on Technology, Cyber Security, Smartphones/Gadgets, Apps, Startups, Careers, Tech Skills, Web Updates, Tech Industry News, Product Reviews and TechKnowledge...etc. Technology For You has always brought technology to the doorstep of the Industry through its exclusive content, updates, and expertise from industry leaders through its Online Tech News Website. Technology For You Provides Advertisers with a strong Digital Platform to reach lakhs of people in India as well as abroad.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img

CYBER SECURITY NEWS

TECH NEWS

TOP NEWS