A UK man has confessed to running a 'product-testing' service that let hackers determine whether their malicious tools could beat antivirus scanners. In the process, he made thousands off of the enterprise.
Following a joint investigation by the UK’s National Crime Agency (NCA) and cybersecurity firm Trend Micro, Goncalo Esteves, 24, of Cape Close, Colchester, Essex, admitted that he ran the website reFUD.me, which offered the testing service. Additionally, under the pseudonym KillaMuvz he also sold custom-made malware-disguising products (dubbed Cryptex Reborn and Cryptex Lite) for those that failed the test.
A month of Cryptex Lite cost $7.99, while a lifetime license for Cryptex Reborn cost $90. For that, Esteves threw in customer support via a dedicated Skype account.
Like any entrepreneur, Esteves advertised his wares. On the hackforums.net website, a well-known message board for cybercriminals, he described his offer as “a service that offers fast and reliable file-scanning to ensure that your files remain fully undetectable to anti-malware software.”
He accepted payment in conventional currency, Bitcoin or Amazon vouchers, and NCA was able to determine that he made $44,100 from more than 800 PayPal transactions between 2011 and 2015. But the Bitcoin and Amazon vouchers payments are untraceable, so it’s likely that he made much, much more.
In all, the NCA assessed that Esteves knew exactly what the criminal aims of his customers were and that he had profited from his criminality in selling them tools to carry those aims out.
“Esteves’s crimes weren’t victimless,” said Mike Hulett, head of operations at the NCA’s National Cyber Crime Unit, in an announcement. “His clients were most likely preparing to target businesses and ordinary people with fraud and extortion attempts. While offenders like Esteves try hard to stay hidden from law enforcement, NCA officers have the training and technical capability to detect them and put them before the courts. This is bolstered by strong partnerships with the private sector. We’re grateful to Trend Micro for their ongoing support in tackling cybercrime.”
Esteves pleaded guilty to two computer misuse offenses and a count of money laundering at Blackfriars Crown Court.