Operator of ‘VirusTotal for criminals’ gets 14-year prison sentence

A Latvian hacker convicted of crimes relating to running the for-profit malware scanning site “Scan4You” was sentenced to 14 years in prison on Friday.

Ruslan Bondars, 37, was convicted earlier this year on three charges, including violation of the Computer Fraud and Abuse Act, conspiracy to commit wire fraud and computer intrusion with intent to cause damage. The court found a loss amount of $20.5 billion.

“Ruslan Bondars helped malware developers attack American businesses,” said Assistant Attorney General Brian Benczkowski. “The Department of Justice and its law enforcement partners make no distinction between service providers like Scan4You and the hackers they assist: we will hold them accountable for all of the significant harm they cause and work tirelessly to bring them to justice, wherever they may be located.”

Operated from 2009 to 2016, Scan4You is similar to VirusTotal — a long-running repository favored by the cybersecurity industry — but was intentionally marketed to criminals on cybercrime forums and the dark web. The site had thousands of users and was used in the development of prolific malware including Citadel, according to U.S. authorities, which resulted in more than 11 million computers infected and $500 million in theft.

“While legitimate scanning services share data about uploaded files with the antivirus community and notify their users that they will do so, Scan4you instead informed its users that they could upload files anonymously and promised not to share information about the uploaded files with the antivirus community,” according to a Justice Department statement earlier this year.

One customer who used to service to test malware that was instrumental in the theft of 40 million credit and debit card numbers, 70 million addresses, phone numbers and other personally identifying information from a U.S. retailer that ultimately cost $292 million.