UK suspects arrested for helping malware bypass antivirus protection

A man and woman are in hot water for offering a service which made malware undetectable.
Written by Charlie Osborne, Contributing Writer

Two people from the United Kingdom have been arrested on suspicion of helping malware developers evade antivirus software.

A joint investigation between the UK National Crime Agency (NCA)'s National Cyber Crime Unit (NCCU) and cybersecurity firm Trend Micro resulted in a 22-year-old man and a 22-year-old woman from Colchester, Essex being arrested and detained on suspicion of running a website which allowed malware developers to test whether their creations could evade modern, up-to-date antivirus software.

The website, reFUD.me, is now offline but used to provide both free and paid functions for testers. Malware creators were able to scan their files to see if they could circumvent antivirus protections and infect victim systems without detection.

If malware files failed the test, changes could be made to make the file "FUD," otherwise known as "Fully UnDetectable."

In addition, the website offered a service which packaged and encrypted malware to disguise files further, dubbed "Cryptex Reborn."

Trend Micro says this form of crypting is one of the most sophisticated types currently available -- and the price isn't bad, either. Malware creators were able to purchase the service for $20 per month or $90 as a lifetime license.

Since February this year, over 1.2 million scans took place on the website, stopping only when the NCA seized the domain.

Steve Laval, a member of the NCCA, commented:

"Although the website offered services designed to help circumvent anti-virus software, computer users can protect themselves from most malware threats by taking some simple precautions.
The NCA urges all internet users to ensure they have up to date anti-virus software installed on their machines and to avoid clicking on unknown or suspicious links or email attachments."

The agency and Trend Micro said Tuesday that the two suspects have been bailed until February 2016, pending completion of the investigation.
