back to article DOJ convicts second bloke for helping malware go undetected

The US Federal government has got its second conviction in the dismantling of a service that helped malware writers get around security software. A jury in the Eastern Virginia District Court convicted 37 year-old Ruslan Bondars, on charges of computer intrusion, conspiracy to commit wire fraud, and conspiracy to violate the …

  1. Ole Juul

    is there more to this story?

    Because the service allowed anonymous uploading and did not share any of samples

    Is that the illegal part?

  2. Phil Kingston

    Nice to see people get taken down for this kind of thing, but dang, 35 years!?

    1. bombastic bob Silver badge
      Megaphone

      35 years

      for accepting money from criminals to give them critical assistance (apparently) in causing millions of dollars of damages.

      If it had been assisting 'bank fraud' for millions of dollars, I think the 35 years would be about right. "white collar crime" needs to be punished like anything else, to put a stop to it. Long jail terms are a deterrent to OTHERS who might try this, thinking "slap on the wrist" at worst. nope. IRON BAR HOTEL STAY for half your life, instead.

      Yeah, KEEP THEM OUT of law abiding society, k-thanks.

    2. Mayday
      Alert

      Indeed, this is more than what a murderer would get in Aussie. Remind me not to fart (or murder anyone) next time I'm in the States.

  3. doublelayer Silver badge

    Wait a minute

    Don't a lot of services do this? I know many of them make you identify yourself, but it wouldn't be all that hard to start one of these. I'm surprised people who are willing to pay haven't just built one of those themselves, or that there isn't a convenient one that doesn't pretend to be a business and just stays hidden.

    Also, exactly what do you have to do with a business like this to make yourself legal? Is it just the fact that they were being used for malicious purposes and they knew it, or is there something inherently illegal about the type of business?

    1. Anonymous Coward
      Anonymous Coward

      Re: Wait a minute

      I'm trying to figure out what the difference is between something like this and VirusTotal. All I can come up with is that they accepted money that they knew (or should have known) was from criminal origin.

      1. Richard Jones 1
        WTF?

        Re: Wait a minute

        Aiding and abetting.

        Handling stolen goods.

        Conspiracy to rob.

        Failure to report criminal activity.

        Computer misuse.

        Wire fraud

        Those ideas are just for starters, I am sure that some jurisdictions could come up with some more colourful ideas.

        It would have been a shame if they were paid using a stolen credit card...

        What is wrong with 35 years, it would be best if they were put to some useful activity while serving as guests of the country's hospitality.

      2. DropBear

        Re: Wait a minute

        "I'm trying to figure out what the difference is between something like this and VirusTotal."

        You and me both. The most I can think of is Virustotal might be using scanners that let the scanner's maker take a look at anything that triggers an alarm - which would be rather counter-productive for a malware writer - while this guy probably used strictly offline scanners. Still nowhere near law-breaching IMHO, but it's all I got...

  4. Nick Kew

    Missing detail

    ... living in Latvia at the time of his arrest,

    OK, two guys with names suggestive of not merely living in Latvia but having roots in that part of the world. Convicted in the US.

    So were they:

    (a) legally arrested and extradited?

    (b) kidnapped like that Libyan couple who just got an apology from the UK government?

    (c) ambushed like Hutchins?

    1. Sgt_Oddball

      Re: Missing detail

      I was wondering the same.. either that or Team America:world police force is actually now a thing....

      1. Ole Juul

        Re: Missing detail

        The link to the attorney's office document does give a little more:

        Scan4you differed from legitimate antivirus scanning services in multiple ways. For example, while legitimate scanning services share data about uploaded files with the antivirus community and notify their users that they will do so, Scan4you instead informed its users that they could upload files anonymously and promised not to share information about the uploaded files with the antivirus community.

        I personally don't think that is good enough, but the prosecutors obviously did. Does that show intent? There are lots of reasons for favouring anonymity, for example when working on proprietary software.

        1. Anonymous Coward
          Anonymous Coward

          Re: Missing detail

          >Scan4you instead informed its users that they could upload files anonymously and promised not to share

          >information about the uploaded files with the antivirus community.

          What if for instance I received a document via email that purported to be be some sort of personal or private information pertaining to me, lets say a bank statement and I wanted to scan it before opening it.

          I might want to use a service that promises not to share that bank statement with security researchers and companies.

    2. Anonymous Coward
      Anonymous Coward

      Re: Missing detail

      2 minutes of searching

      "...says that Martyshev acted together with Ruslan Bondar who, just like Martyshev, was arrested in Latvia and extradited to the US...."

      More:

      http://tass.com/world/955053

    3. Anonymous Coward
      Anonymous Coward

      Re: Missing detail

      The crime was failing to assist the NSA getting the finest bits of malware developed.

  5. Anonymous Coward
    Anonymous Coward

    35 years is a good start

    Add on a $10 billion fine in retribution and the punishment may fit the crime.

  6. clocKwize

    I do find it hard to believe that not sharing some information with an anti-virus company can be considered a criminal offence. It doesn't make what they were doing illegal. They were providing a service that others provide, but with the ability to keep things anonymous, as someone else stated, you might be testing proprietary software and not want an analysis of it shared with security researchers, if it flagged up a false positive.

    I'm not saying they weren't in business to help malware authors, but I'm sure it was all written in a way that made it look legit, they didn't call it test-your-malware.com. Which brings it down to, they didn't do anything to stop criminals using their service. But then, there are many services used by criminals, WhatsApp isn't called TerroristSafeChat, they don't actively stop criminals using it, because its encrypted, they can't see who is talking about what, so can't do anything about it.

    Just seems a bit of a stretch to me.

    The whole extradition thing is crazy. Jurisdiction is such a grey area now the internet is a thing.

  7. Aodhhan

    Apparently, if you make crowbars and a crook uses it, you're liable.

    Obama era judges. They take a whole different approach to the 4th and 5th amendments. It will take years before many of them are out of the system.

    I get the wire fraud charge, but this is the only one which makes sense. The other two just don't make sense, unless they can, without a doubt, prove the intent was only for use by criminals and not security research and/or academia.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like