In this blog series we spotlight one of the stories from our cybersecurity newsletter, Beacon.
In a win for international cybercrime enforcement, European and American authorities have announced the takedown of AVCheck, one of the world’s most prolific Counter Antivirus (CAV) services used by cybercriminals to test their malware against popular antivirus software.
The coordinated operation, led by Dutch Politie in cooperation with law enforcement agencies from the US and Finland, successfully disrupted a critical enabler of cybercrime activity. By allowing malware authors to ensure their code evaded detection, AVCheck played a key role in facilitating stealthy, effective attacks against individuals and organizations worldwide.
The takedown was announced on Friday, May 30th, with Dutch officials declaring it an “important step” in the broader fight against cybercrime.
Matthijs Jaspers, team leader at the Dutch National High Tech Crime Unit, said the operation marked an “important step” in the fight against cybercrime.
“This will disrupt cybercriminals as early as possible in their operations and prevent victims. In recent years, the investigation has also collected important evidence about the administrators and users of the AVCheck service and the associated services Cryptor.biz and Crypt.guru,” he added.
A seizure notice posted on the AVCheck platform noted that the takedown was enabled “by exploiting the mistakes of admins,” and revealed that law enforcement officials had seized the service’s servers and user database, including usernames, email addresses, and payment details.
The takedown took place on May 27th and is closely connected to Operation Endgame, a Europol operation to disrupt the infrastructure behind initial access malware families such as IcedID, Smokeloader, Bumblebee, SystemBC, Pikabot, and Trickbot.
“Cybercriminals are difficult to track down. That is why it remains crucial to invest in a broad approach to stay one step ahead of them,” said Jaspers.
“National and international intervention and public-private partnerships are becoming increasingly important – with the aim of combating victims, stopping crimes and preventing online crime from growing. We do not only focus on our traditional task of detection and prosecution, but also on other types of interventions to increase digital security.”