Ruslan Bondars is a 37 year old Latvia man (formerly from USSR) who created and owned a malware testing service called Scan4U that he operated for seven years from 2009 thru 2016. He was extradited to the United States and put on trial in March 2018.
While he faced up to 35 years in prison, on September 21, 2018, he was sentenced to 14 years in a US prison for one count each of running an illegal anti-virus operation, conspiracy to violate Computer Fraud laws, committing wire fraud, and computer intrusion with intent to cause damage (hacking).
 |
| Ruslans Bondars |
To understand the gravity of this crime, readers need to understand that Bondars' service gave malware hackers complete anonymity as they tested their malware programs to avoid detection of the anti-virus programs used by major US retailers, financial institutions and government agencies.
AND, IT WAS CHEAP!
Malware actors paid as little as 15 cents per use or a monthly charge of $25 to upload their latest malware. (See screen below)
 |
| Example of Malware Check Screen |
A report was generated on whether or not their program was detectable by a wide range of anti-virus software. Once perfected, the hackers used their refined malware programs to inflict hundreds of millions of dollars of irreparable damage on American companies and consumers and steal approximately 40million credit and debit card numbers.
Malware was used to steal 70 million addresses, phone numbers and other pieces of personal identifying information, from several retail store locations throughout the United States, causing one retailer approximately $292 million in expenses resulting from the intrusion.
One of the most infamous pieces of malware that took advantage of Scan4U's service was the "Citadel" malware which infected over 11 million computers worldwide, including over $500 million in the United States at retail giant Target Stores, including customer credit card details.
Despite the Bondars defense team arguing that there were legal uses for his Scan4You service, and that Bondars could not be held responsible when customers used it for illegal purposes, US Judge Liam O’Grady was unsympathetic:
Bondars, who has also been linked to pharmaceutical spam campaigns peddling illegal prescription drugs, and in the distribution of banking trojans, told the court that he felt “ashamed that some of the website users used it for such terrible things.”
There was no pity party. He began a 14 year prison sentence this week.
Sources:
timestudios.co.uk
securityboulevard.com
No comments:
Post a Comment