The Department of Justice (DoJ) announced today that a Federal jury convicted Ruslans Bondars, a resident of Latvia, on three counts related to his operation of “Scan4you,” an online counter-antivirus service. Bondars was convicted of one count of conspiracy to violate the Computer Fraud and Abuse Act, one count of conspiracy to commit wire fraud, and one count of computer intrusion with intent to cause damage and aiding and abetting.
Bondars, a citizen of the former USSR who has been residing in Latvia, operated Scan4you, which helped computer hackers determine whether antivirus software could detect the computer viruses and other malicious software the hackers created, DoJ said.
Scan4you helped cyber criminals determine whether their malware would be detected by antivirus software used to protect major U.S. retailers, financial institutions, and government agencies. At its height, the DoJ explained, Scan4you was one of the largest services of its kind and had at least thousands of users.
“Malware developed with the assistance of Scan4you included some of the most prolific malware known to the FBI and was used in major computer intrusions committed against American businesses,” DoJ said in a statement.
One Scan4you customer tested malware that was later used to steal approximately 40 million credit and debit card numbers, as well as roughly 70 million addresses, phone numbers and other pieces of personal identifying information, from retail store locations throughout the United States. One retailer, DoJ said, incurred $292 million of costs from the intrusion.
Scan4you was also instrumental in the development of “Citadel,” a malware strain that infected 11 million computers worldwide, including in the United States. “Citadel” caused over $500 million in fraud-related loses, it said.
Bondars’s sentencing is scheduled for Sept. 21, 2018.