In a combined operation, European and US law enforcement have taken down AVCheck, a major cyber crime system used by hackers to test whether security tools could detect their malware. The police also collected information about the cyber criminals themselves.
According to the Netherlands police’s report, investigators exploited mistakes made by the criminal website’s admins. The criminals were using malware to access computer systems, collect sensitive data, and digitally lock entire organisations out of their own systems.
‘Taking AVCheck offline is an important step in the fight against organised cyber crime, because it disrupts the activities of cyber criminals in the earliest stages and prevents victims,’ commented Matthijs Jaspers, Team Lead of the Dutch Police High Tech Crime Team.
Furthermore, the investigation has yielded key evidence on the administrators and users of AVCheck and its related services Cryptor.biz and Crypt.guru. The data about cyber criminals includes usernames, email addresses, payment information, and other key evidence.
The related services, Cryptor.biz and Crypt.guru, have also been taken offline by the international law enforcement operation led by the Netherlands police and supported by US and Finnish authorities. The US authorities seized four domains and a server linked to cyber crime services.
AVCheck was one of the largest so-called Counter Antivirus (CAV) or crypting services, and it allowed malware developers to scrutinise their code against various antivirus solutions. The takedown will make it harder for cyber crooks to carry out malware attacks.
CAV services like AVCheck are essential for cybercriminals to bypass security systems and infect victims undetected, making them key components in malware deployment.
As part of broader efforts, the Dutch police launched a fake AVCheck login page to confront and deter users. The AVCheck service was widely used by suspects involved in Operation Endgame, a recent Europol operation to dismantle malware distribution services.
Police officers made undercover purchases from the crime websites and analysed them to confirm they were designed for cybercrime, according to the court documents. The officers also reviewed linked email addresses and other data connecting the services to known ransomware groups that have targeted victims in the US and EU.
Key Insights
- AVCheck, a tool for testing malware against security measures, was shut down by law enforcement as a part of a global operation.
- The takedown disrupts the activities of cyber criminals at an early stage, preventing potential victims.
- Evidence collected includes usernames, email addresses, and payment information linking cyber criminals to their activities.
- Related sites Cryptor.biz and Crypt.guru were also taken offline during the operation.
- Undercover operations confirmed the criminal nature of these websites by making purchases and analysing them.
Why should I read this?
This article dives into a significant victory against cybercrime, highlighting how global cooperation can take down critical tools used by hackers. It showcases the proactive steps being taken to counteract organised cyber criminal activity, which affects everyone. If you care about cybersecurity or want to stay ahead of emerging threats, this is a must-read!