Owners of "VirusTotal-for-Crooks" Service Arrested

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
....some quotes from the article:

Ruslans Bondars and Jurijs Martisevs, two Latvian citizens, are facing charges in the US for running a portal that allowed cybercrooks to scan and see if their malware was detected by antivirus software.

Called "no distribute scanners," these services are similar to VirusTotal, with the main difference being that they block telemetry and don't share scan results with antivirus vendors.

"No distribute scanners" are regularly used during the process of coding a malware family as a way to make sure the malware is undetectable. They are also used just before malware authors start malware distribution campaigns, as a last check to ensure their final and ready-to-go payloads are still undetectable.

Authorities arrest owners of decade-old malware scanner
According to an indictment unsealed yesterday by the Department of Justice (DOJ) and obtained by Bleeping Computer, Bondars and Martisevs have operated such a service since 2006, which they advertised on hacking forums and on the Dark Web.

Officials redacted the scanner's name in the DOJ indictment, but said the service had over 30,000 users and was "one of the biggest of its kind."
Click to expand...

Are these the Scan4You authors?
While the name of the scanner has been redacted, many security researchers such as MalwareHunter or MalwareTech have said they suspect that Bondars and Martisevs might have operated Scan4You, one of the biggest "no distribute scanners" around, which went down this spring. The API for this scanner was often found used by many malware samples analyzed by MalwareHunter, the researcher tells Bleeping Computer.
Click to expand...
 
  • Like
Reactions: Pradip, Parsh, Solarquest and 9 others
F

ForgottenSeer 58943

How is this even illegal? Jotti gave me his source code a few years ago and I was going to set one up for research purposes. Is there any specific law that states one cannot setup one of these for research purposes and if they do why would they be required to submit samples?

I'm not an attorney however on the surface it seems like a very flimsy case to try and prosecute. It's not like they are distributing malware.
 
  • Like
Reactions: LASER_oneXM
K

kamla5abi

Level 4
Verified
May 15, 2017
178
ForgottenSeer 58943 said:
How is this even illegal? Jotti gave me his source code a few years ago and I was going to set one up for research purposes. Is there any specific law that states one cannot setup one of these for research purposes and if they do why would they be required to submit samples?

I'm not an attorney however on the surface it seems like a very flimsy case to try and prosecute. It's not like they are distributing malware.
Click to expand...
This was my first thought also, how is this illegal?? o_O:rolleyes:
But then i thought about other laws that exist...:oops:

ex: you might not actually murder someone, but if the alleged murderer is your friend, and you give them refuge or help or misdirect cops while the cops are looking for your friend, they can charge you with aiding & abetting, obstruction of justice, etc etc.
Maybe its a similar case or analogy that they are using?
They didn't create/distribute malware, but they provided an online portal for malware makers to use (probably anonymously lol) to see if their malware gets detected. If it does, means the malware creators go back to drawing board to fix their malware. Sounds like providing aid to malware creator, and if they can prove it was provided "on purpose" (sounds like they did if they advertised on hacking forums and darkweb) which would likely have to be the case for prosecution to actually win the case

not a lawyer either, but watch cop shows :p
 
  • Like
Reactions: LASER_oneXM and ForgottenSeer 58943
F

ForgottenSeer 58943

kamla5abi said:
This was my first thought also, how is this illegal?? o_O:rolleyes:
But then i thought about other laws that exist...:oops:

not a lawyer either, but watch cop shows :p
Click to expand...

LOL! I might set one up just to see if anyone tries to push me around with it. Fortunately, I have access to a couple free/cheap litigators if the need arises. But the reality is, if no commerce or intellectual property laws are being violated and no criminal intent is involved, they'd be out of luck building a case.

This is sort of like an anonymous VPN provider being held liable for data someone uses on their VPN.. No case can be brought there by any attorney with half a brain.
 
Last edited by a moderator:
  • Like
Reactions: LASER_oneXM
D

Deleted member 178

I dont see anything illegal in this:

Don't American citizens have access to a shooting range if they own a gun?
Does going to a shooting range makes you a criminal?
Does the owner of the range is an accomplice of criminals using his range?

All this is another BS made of the US' prosecution sickness.
 
  • Like
Reactions: LASER_oneXM
F

ForgottenSeer 58943

Umbra said:
I dont see anything illegal in this:

Don't American citizens have access to a shooting range if they own a gun?
Does going to a shooting range makes you a criminal?
Does the owner of the range is an accomplice of criminals using his range?

All this is another BS made of the US' prosecution sickness.
Click to expand...

Agreed. Those of us that are US Citizens must challenge this nonsense whenever possible. To take them to task in an unrelenting manner. This is why I take my privacy and the privacy of my family seriously. Anyone attempting to take that away will be faced with a great amount of resistance, always. I find it a badge of honor to get labels like nuisance or whatever.. :p Like I said, I have no issue with going out of my way to prove someone like this wrong or put them back into their place when they step over the line.
 
5

509322

Umbra said:
I dont see anything illegal in this:

Don't American citizens have access to a shooting range if they own a gun?
Does going to a shooting range makes you a criminal?
Does the owner of the range is an accomplice of criminals using his range?

All this is another BS made of the US' prosecution sickness.
Click to expand...

The primary criminal charges are conspiracy, conspiracy to commit wire fraud, and wire fraud. Evidently they were ripping at least some people off. Secondary is "hacking."
 
  • Like
Reactions: shmu26
You must log in or register to reply here.

Similar threads

oldschool
    • Like
    • Wow
    • HaHa
  • Locked
Security News US charges Russian military officers for unleashing wiper malware on Ukraine
Replies
11
Views
1,895
Security News
Marko :)
Marko :)
Bot
    • Like
Security News E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
Replies
0
Views
946
Security News
Bot
Bot
Gandalf_The_Grey
    • Wow
    • Like
    • +Reputation
Data leak exposes data of registered VirusTotal customers
Replies
3
Views
2,354
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top