{"id":12321,"date":"2018-05-17T09:00:36","date_gmt":"2018-05-17T17:00:36","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/05\/17\/news-6090\/"},"modified":"2018-05-17T09:00:36","modified_gmt":"2018-05-17T17:00:36","slug":"news-6090","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2018\/05\/17\/news-6090\/","title":{"rendered":"A Five-Year Journey: How Trend Micro Helped Bring Down Scan4You"},"content":{"rendered":"<p><strong>Credit to Author: Trend Micro| Date: Thu, 17 May 2018 16:24:41 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"216\" height=\"144\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/01\/predictions7.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" \/><\/p>\n<p>Trend Micro has always had a close relationship with law enforcement around the globe, because we believe that only together can we make the world a safer place in which to exchange digital information. As the business of cybercrime continues to grow and evolve, so must our response. That\u2019s why we were delighted to be able to help the FBI in a five-year, trans-national case which has seen two suspects brought to trial and the end of the notorious Counter AV (CAV) service Scan4You.<\/p>\n<p>As detailed in our new report, the case highlights not only the strength of Trend Micro\u2019s intelligence gathering and investigative support, but the often arduous nature of cybercrime policing.<\/p>\n<p><strong>A long and winding road<\/strong><\/p>\n<p>CAV services are a key part of the global cybercrime industry, allowing would-be attackers to test the effectiveness of their malware without the risk of being detected. Without them, attacks would not be nearly so successful. Scan4You was one of the most prolific out there, having gained the hard-won trust of countless black hats. 
But Trend Micro researchers had other ideas.<\/p>\n<p>Back in 2012, while researching a private exploit kit called g01pack, we spotted some unusual activity. Just minutes before the exploits were used in the wild, somebody using IP addresses in Latvia checked whether Trend Micro\u2019s web reputation system already blocked the URLs hosting the exploits. On closer inspection we noticed those IP addresses were not only checking g01pack\u2019s exploit URLs but many others. We had just found Scan4You, an underground service which let cybercriminals check their latest malware against over 35 commercial AV engines.<\/p>\n<p>Over the next five years we charted the rise of the service, sharing evidence with the FBI in 2014 which ultimately helped lead investigators to arrest and bring to trial two suspects. During that time, we found that site administrators \u2018Borland\u2019 and \u2018Garrik\u2019 had ties to numerous other cybercrime activities. These included Eva Pharmacy, one of the oldest operations around using spam and SEO tactics to sell prescription drugs, as well as campaigns using banking trojans and the sale of stolen credit card details.<\/p>\n<p><strong>The fight goes on<\/strong><\/p>\n<p>Borland and Garrik were arrested last year as part of an international policing operation, after which time we noticed all Scan4You scanning activity stopped. Even better, we\u2019ve not seen a sizeable spike in users of rival CAV services such as VirusCheckMate, so it looks like the investigation has had a real impact on the cybercrime underground.<\/p>\n<p>This is why Trend Micro has always worked closely with law enforcement. Protecting our customers is vital, but it\u2019s also important to try and effect change by disrupting cybercrime itself. Since 2013, our 20 partnerships with the likes of the FBI, Interpol, Europol, the UK\u2019s National Crime Agency (NCA) and more have certainly worked hard to do just that. 
In fact, a Scan4You reseller was recently sentenced <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/uk-conviction-arises-out-of-trend-micro-and-nca-partnership\/\">to two years behind bars<\/a> after a joint investigation between the NCA and Trend Micro.<\/p>\n<p>It has been rewarding to see that Trend Micro\u2019s cooperation with intelligence investigators helped to bring the Scan4You suspects to trial: it\u2019s testament to the broad base of world-leading in-house skills and capabilities we have amassed over the past 30 years. Cybercrime is usually portrayed on TV or in the movies in a rather stereotyped, high-octane \u201cgood versus evil\u201d battle. The truth, as we\u2019ve seen, is rather more mundane, and cases take much longer than 90 minutes to crack.<\/p>\n<p>So, let\u2019s celebrate this success, but steel ourselves for more hard work to come. With close co-operation like this, police and security vendors like ourselves can make life increasingly uncomfortable for the bad guys. They\u2019ve had it easy for far too long. 
So let\u2019s take the fight to them as we continue on our mission to secure the connected world.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/a-five-year-journey-how-trend-micro-helped-bring-down-scan4you\/\">A Five-Year Journey: How Trend Micro Helped Bring Down Scan4You<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/a-five-year-journey-how-trend-micro-helped-bring-down-scan4you\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Trend Micro| Date: Thu, 17 May 2018 16:24:41 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"216\" height=\"144\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/01\/predictions7.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" \/><\/p>\n<p>Trend Micro has always had a close relationship with law enforcement around the globe, because we believe that only together can we make the world a safer place in which to exchange digital information. As the business of cybercrime continues to grow and evolve, so must our response. 
That\u2019s why we were delighted to be&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/a-five-year-journey-how-trend-micro-helped-bring-down-scan4you\/\">A Five-Year Journey: How Trend Micro Helped Bring Down Scan4You<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[4503,13114,6627,11854,560,18246,18453,714],"class_list":["post-12321","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-cybercrime","tag-europol","tag-fbi","tag-interpol","tag-law-enforcement","tag-national-crime-agency","tag-scan4you","tag-security"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12321"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12321\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}