Police takes down AVCheck site used by cybercriminals to scan malware

Gandalf_The_Grey

An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it in the wild.

The service's official domain at avcheck.net now displays a seizure banner with the crests of the U.S. Department of Justice, the FBI, the U.S. Secret Service, and the Dutch police (Politie).

According to an announcement on the Politie website, AVCheck was one of the largest counter antivirus (CAV) services internationally, which helped cybercriminals assess the stealthiness and evasion of their malware.

"Taking the AVCheck service offline marks an important step in tackling organized cybercrime," stated Politie's Matthijs Jaspers.
 
Wow, I'm sure we all knew this, but to see it in print, stated like this, affirms for me how he**bent they are on what they're doing.

"Cybercriminals don't just create malware; they perfect it for maximum destruction," said FBI Special Agent Douglas Williams.

"By leveraging counter antivirus services, malicious actors refine their weapons against the world's toughest security systems to better slip past firewalls, evade forensic analysis, and wreak havoc across victims' systems."

Nice cooperation between the countries. Link taken from Gandalf's post.

The seizures occurred May 27 in coordination with Finnish and Dutch national police as part of Operation Endgame, a multinational law enforcement initiative targeting the dismantling of malware cybercriminal services. Participating countries include the United States, The Netherlands, France, Germany and Denmark with additional support from Ukraine and Portugal.

edit:sp
 
Most file analysis sites (Jotti, VirusTotal, MetaScan, etc.) distribute the analysed files to the site's antivirus partners to improve detection.

This type of site (there aren't many of them, but there are still some) didn't distribute to publishers, which is why they were so popular with cyber-criminals (some of them pay platforms to make their payloads totally undetectable) ... it's a big coup what the police have done!