The services the criminals provided gave those interested in orchestrating more advanced attacks the ability to modify dangerous files so that security solutions would not detect them, and included video tutorials to help infect the target as effectively as possible. In exchange for the services, the group asked customers on cybercrime platforms for between $40 and $150.

The shift by cyber attackers from writing all the components necessary for a cyber attack themselves to renting some of the services needed for development from third parties is a recent evolution of the criminal phenomenon on the Internet. The advantage of this practice is that IT threat providers can dedicate themselves exclusively to the components they master best, without spending time acquiring the knowledge necessary to pack them into a final form. For all parties involved, profits come more easily and threats are produced faster, which makes for an extremely attractive business model.

The DRACO team within Bitdefender, which specializes in investigating and remediating cyber attacks, made the company’s telemetry and technical expertise available to the authorities, analyzing the computer threats in this case and identifying the malware families that used these services, known online as CyberSeal and Data Protector, to remain undetected by the protection installed on devices.

“Arresting suspects and dismantling such groups is another blow to cybercrime and one of the many cross-border operations in recent years in which Bitdefender has worked with law enforcement agencies around the world, such as the FBI, Europol, Interpol or DEA. Such successes bring us one step closer to our daily mission of making the Internet a more secure environment,” said Bitdefender representatives.

Authorities and law enforcement agencies that need investigation assistance or are the target of a cyber attack can contact the DRACO team at draco@bitdefender.com.