Man faces up to 35 years in prison for helping hackers evade detection by anti-virus software
In May 2017, one of the biggest facilitators of cybercrime, Scan4You, went offline after the two main suspects were arrested in Latvia and extradited to the US by the Federal Bureau of Investigation (FBI). In May 2018, the case against Scan4You’s operators concluded in a Virginia federal courtroom. Scan4You was set up in 2009 as an online service designed to help malware authors evade detection by security software.
For a monthly fee, you could upload your proposed malware sample to the website, which would then run a wide variety of anti-virus products against it and provide a report of which (if any) detected the file as malicious. There are legitimate services which offer this kind of scanning. VirusTotal is undoubtedly the best-known example of a legitimate website which invites anyone to upload potentially malicious files for free and receive in return a report of which (if any) security products identify the file as malicious.
The key difference, however, is that VirusTotal automatically shares submissions with the security community, whereas a counter-antivirus (CAV) service like Scan4You does not. In short, CAV sites like Scan4You help criminals create malware which has a higher chance of slipping past users’ defences. For instance, malicious hackers who used Scan4You’s services tested the Citadel malware that was subsequently used to steal 40 million credit card details, 70 million addresses, phone numbers and other pieces of personal information from customers in the infamous hack of US retail giant Target, causing hundreds of millions of dollars’ worth of damage.