Cybercriminals lose key tool for malware development: police shut down AVCheck


Police have taken down AVCheck, a major cybercrime infrastructure used by hackers to test if security tools could detect their malware. The authorities also seized plenty of information about threat actors who were using it.

According to the Netherlands police’s report, they exploited the mistakes of the website’s admins.

“The admins did not provide the security they promised. Law Enforcement took the servers of AVCheck offline and seized the user database with user information,” said the Dutch police.


The data about cybercriminals includes usernames, email addresses, payment information, and other “key evidence.”

The related services, Cryptor.biz and Crypt.guru, have also been taken offline by the international law enforcement operation led by the Netherlands police and supported by the US and Finnish authorities.

AVCheck was one of the largest so-called Counter Antivirus (CAV) or crypting services, and it allowed malware developers to scrutinize their code against various antivirus solutions. The takedown will make it harder for cyber crooks to carry out malware attacks.

CAV services like AVCheck are essential for cybercriminals to bypass security systems and infect victims undetected, making them key components in malware deployment.

“Taking AVCheck offline is an important step in the fight against organised cybercrime,” says Matthijs Jaspers, Team Lead of the High Tech Crime Team of the Netherlands Police.

“It disrupts the activities of cybercriminals in the earliest stages and prevents victims.”


As part of broader efforts, the Dutch police launched a fake AVCheck login page to confront and deter users. The AVCheck service was widely used by suspects involved in Operation Endgame, a recent Europol operation to dismantle malware distribution services.


Dutch authorities emphasize a shift towards unconventional preventive measures.

“Our approach is not only the classical one of investigating and prosecuting criminals, but also to use other types of interventions to enhance digital safety,” the police said.

The US authorities seized the four domains and a server linked to cybercrime services on May 27th.

Police agents made undercover purchases from the crime websites and analyzed them to confirm they were designed for cybercrime, according to the court documents. The officers also reviewed linked email addresses and other data connecting the services to known ransomware groups that have targeted victims in the United States and abroad.

“Modern criminal threats require modern law enforcement solutions,” said US Attorney Nicholas J. Ganjei.


“Our law enforcement efforts must involve striking not just at the individual fraudster or hacker, but the enablers of these cybercriminals as well.”

FBI Houston Special Agent in Charge Douglas Williams explains that services like AVCheck allow cybercriminals to perfect malware for maximum destruction.

“FBI Houston helped cripple a global cyber syndicate, seize their most lethal tools, and neutralize the threat they posed to millions around the world,” Williams concluded.
