In a coordinated international effort, law enforcement agencies have seized four domains and an associated server linked to an online software crypting syndicate. This operation aimed at disrupting services provided to cybercriminals for evading detection of their malicious software was announced by U.S. Attorney Nicholas J. Ganjei.
Crypting involves using software to make malware difficult for antivirus programs to detect. The seized domains offered counter-antivirus (CAV) tools, which, when combined with crypting services, allow criminals to obfuscate malware and gain unauthorized access to computer systems.
An affidavit supporting the seizures indicated that authorities conducted undercover purchases from the websites in question and confirmed that the services were designed for cybercrime. Court documents also connected these services with known ransomware groups targeting victims both domestically and internationally, including in Houston.
“Modern criminal threats require modern law enforcement solutions,” stated Ganjei. He emphasized the importance of targeting not only individual fraudsters or hackers but also those who enable such cybercriminal activities.
FBI Houston Special Agent in Charge Douglas Williams commented on the nature of cybercriminal activities: “Cybercriminals don’t just create malware; they perfect it for maximum destruction.” He highlighted the role of counter antivirus services in refining malicious tools against security systems globally.
The seizures took place on May 27 as part of Operation Endgame, a multinational initiative involving countries like the United States, The Netherlands, France, Germany, Denmark, Ukraine, and Portugal. The FBI Houston Field Office led the investigation with significant support from Finnish and Dutch national police as well as other international partners.
Assistant U.S. Attorneys Shirin Hakimzadeh and Rodolfo Ramirez are prosecuting this case while AUSA Kristine Rollinson manages its seizure aspects.
