Latvian national convicted of running ‘VirusTotal-for-criminals’ malware scanner
A Latvian hacker has been convicted of crimes relating to running “Scan4You,” a for-profit website that allowed criminals to test if malware could be detected by security software.
Ruslan Bondars, 37, was convicted by a federal jury on three charges including violation of the Computer Fraud and Abuse Act, conspiracy to commit wire fraud and computer intrusion with intent to cause damage. Bondars faces the possibility of 35 years in prison, but sentences for this kind of crime are typically far smaller in practice.
He was arrested last year with Jurijs Martisevs, another Latvian accused of running Scan4You. Martisevs pleaded guilty earlier this year.
“Ruslan Bondars designed and operated a service that provided essential aid to some of the world’s most destructive hackers,” Tracy Doherty-McCormick, Acting U.S. Attorney for the Eastern District of Virginia, said in a statement. Bondars was responsible for the technical infrastructure of the service.
Scan4You is similar in many ways to services like VirusTotal, but police say it differs in several key ways.
“While legitimate scanning services share data about uploaded files with the antivirus community and notify their users that they will do so, Scan4you instead informed its users that they could upload files anonymously and promised not to share information about the uploaded files with the antivirus community,” according to a Justice Department release.
The service was intentionally marketed to criminals on cybercrime forums and the dark web.
Scan4You was in operation from 2006 to 2016. Prosecutors said the website expressly helped crooks test malware against antivirus software used by U.S.-based businesses and government agencies.
John P. Cronan, Acting Assistant Attorney General of the Justice Department’s Criminal Division, said the site caused hundreds of millions of dollars in losses. One customer used the service to test malware that was instrumental in the theft of 40 million credit and debit card numbers, 70 million addresses, phone numbers and other personally identifying information from a U.S. retailer, a breach that ultimately cost $292 million.
According to U.S. authorities, Scan4You was used in the development of “Citadel,” malware that resulted in over 11 million computers infected and $500 million in theft.
Bondars is a Latvian citizen, but Martisevs holds both Latvian and Russian citizenship. The Russian government protested his arrest and called it a kidnapping.
That’s in keeping with Moscow’s loud and negative reaction to an increasingly aggressive U.S. law enforcement strategy against Russian citizens accused of cybercrime. Russia does not extradite its own citizens to other countries, but the United States has in recent years been successfully grabbing Russian suspects when they step out of Moscow’s jurisdiction.
As a result, earlier this year, Russia’s Foreign Ministry “strongly insisted that Russian citizens carefully weigh up all the risks when planning trips abroad.”
You can read the full Scan4You indictment at http://www.documentcloud.org/documents/4465267-scan4you.html