International police action has shut down AVCheck, an anti-virus scanning website used by threat actors to check whether their malware was detected by mainstream antivirus before using it in the attacks. The official domain “avcheck.net” now shows a seizure banner with the logos of the U.S. Secret Service, the U.S. Department of Justice, the FBI, and the Dutch Police (Politie).
The site was used globally by threat actors
According to the announcement, AVCheck was a famous counter antivirus (CAV) website globally that enabled hackers to check the efficiency of their malware. Politie’s Matthijs Jaspers said, “Taking the AVCheck service offline marks an important step in tackling organized cybercrime.” With the collaborative effort, the agencies have disrupted the “cybercriminals as early as possible in their operations and prevent victims.”
The officials also discovered evidence linking AVCheck’s administrators to encrypting services Cryptor.biz (seized) and Crypt.guru (currently offline). Crypting services allow threat actors to hide their payloads from antivirus, blending them in the ecosystem. Hackers also use a crypting service to hide their malware, check it on AVCheck or other CAV services to see if is detected, and finally launch it against their targets.
De
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article:
Read the original article: