Threat Intelligence

International law enforcement effort dismantles malicious antivirus scanner


As part of the latest round of Operation Endgame, the U.S. Justice Department, FBI, and Secret Service, as well as the Dutch and Finnish police, have taken down AVCheck, which has been leveraged by threat actors to ensure that their malware bypasses antivirus tools, according to CyberScoop.

Also disrupted as part of the operation, which led to the seizure of four domains and a server, were the Cryptor.biz and Crypt.guru crypting services associated with AVCheck, said officials. The clampdown began with purchases from the websites, which led to the identification of email addresses and data that had been leveraged in ransomware attacks against the U.S. and other parts of the world.

"As cybercriminals have become more sophisticated in their schemes, they have likewise become more advanced in their efforts to avoid detection. As such, our law enforcement efforts must involve striking not just at the individual fraudster or hacker, but the enablers of these cybercriminals as well. This investigation did exactly that. With this syndicate shut down, there is one less provider of malicious tools for cybercriminals out there," said U.S. Attorney for the Southern District of Texas Nicholas Ganjei.
