Europol – Romanian duo arrested for running malware encryption service to bypass antivirus software

20 noiembrie 2020

Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection. „These services have been purchased by more than 1560 criminals and used for crypting several different type of malware, including Remote Access Trojans, information stealers and ransomware,” according to an Europol press release.

The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools.

This operation was led by the Romanian Police (Poliția Română) together with the United States Federal Bureau of Investigation (FBI), the Australian Federal Police (AFP), the Norwegian National Criminal Investigation Service (Kripos) and Europol. It was carried out in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT).

How do criminals bypass antivirus software?

One common way for hackers to circumvent antivirus detection is through the use of crypters which encrypt or hide the underlying code in a piece of software, typically malware, to masquerade as something harmless until it gets installed on a victim’s computer.

The services provided by these two suspects fall under this category and have been offered for sale in the underground criminal market since 2010.

Their clients paid between US$40 to US$300 for these crypting services, depending on licence conditions. Their service activity was well structured and offered regular updates and customer support to the clients.

The criminals also offered a Counter Antivirus platform allowing criminals to test their malware samples against antivirus software until the malware becomes fully undetectable (FUD). The prices for this service varied between US$7 to US$40.

Adauga comentariu

Cifra/Declaratia zilei

Gabriela Nistor – director general adjunct BT

Tendinţele pe care le-am remarcat înainte de începerea pandemiei s-au accelerat pe perioada stării de urgenţă. Am văzut acest lucru ca o oportunitate, un tipping point pentru bancă. Post-pandemie nu avem cum sa ne întoarcem la comportamentul financiar pe care îl aveam până în februarie a.c. Relaţia românilor cu online-ul s-a schimbat. In plus, cardul fizic se va dematerializa. Vom asista la o scădere a cererii pentru cardurile fizice, respectiv la o creştere a preferinţei pentru componenta digitală a acestora.”


In 23 septembrie 2019, BNR a anuntat infiintarea unui Fintech Innovation Hub pentru a sustine inovatia in domeniul serviciilor financiare si de plata. In acest sens, care credeti ca ar trebui sa fie urmatorul pas al bancii centrale in 2020?