adimas - Fotolia

Briton jailed for two years for product testing for hackers

A Briton has been jailed for two years for running a product-testing service for hackers

A 24-year-old man from Colchester, Essex has been sentenced to two years in prison for running a website that allowed cyber criminals to test attacks against antivirus scanners.

Goncalo Esteves pleaded guilty in January 2018, after a joint investigation by the National Crime Agency (NCA) and cyber security firm Trend Micro.

The investigation found that Esteves, under the pseudonym KillaMuvz, ran the website reFUD.me to test the effectiveness of malware. He also sold custom-made malware-disguising products and offered technical support to users.

He was sentenced in the Blackfriars Crown Court for convictions on two computer misuse offences and a count of money laundering.

Esteves called his encryption tools Cryptex Reborn and Cryptex Lite. Part of a family of cyber tools known as crypters, they could be used by hackers to improve their chances of dodging antivirus. He sold them for use in packages which varied in price according to the length of the licence.

A month of Cryptex Lite cost $7.99 (£5), while a lifetime licence for Cryptex Reborn cost $90 (£60). Esteves provided customer support via a dedicated Skype account and accepted payment either in conventional currency, in cryptocurrency Bitcoin or in Amazon vouchers.

Esteves advertised his website on the hackforums.net website, a well-known message board for cyber criminals, under the description: “A free service that offers fast and reliable file scanning to ensure your files remain fully undetectable to anti-malware software.”

PayPal transactions

NCA officers discovered that Esteves made £32,000 from more than 800 PayPal transactions between 2011 and 2015, and he is likely to have made far more, as this sum does not include payments Esteves accepted in Bitcoin and Amazon vouchers.

“Esteves helped hackers to sharpen their knives before going after their victims, said Mike Hulett, head of operations at the NCA’s National Cyber Crime Unit. “His clients were most likely preparing to target businesses and ordinary people with fraud and extortion attempts.

“He made a fair bit of money, but he’d probably have made much more, and certainly for longer, if he’d pursued a legitimate career in cyber security,” he said.

Hulett also thanked Trend Micro for its ongoing support in tackling cyber crime. The NCA and Trend Micro signed a memorandum of understanding in 2015 to collaborate in fighting cyber crime and continue to do so.

Law enforcement working with businesses

In recent years, UK law enforcement has emphasised the importance of working with cyber security firms as well as private enterprises to tackle cyber crime.

In November 2017, chief constable Peter Goodman, NPCC lead for cyber crime, said police sources provide a fraction of the intelligence businesses can provide.

“With input from businesses, we are data rich in a much more strategic way than what we have got so far, and we are doing all we can to build relationships with different sectors at all levels of law enforcement to be in a very healthy position in the future,” he said.

Read more about cyber crime

Oliver Gower, deputy director of the NCA and head of the NCA’s National Cyber Crime Unit (NCCU), said: “We need businesses to report more because we depend on industry talking to us, but we have Section 7 under the Crime & Courts Act, which enables them to share information confidentially without having to trigger a formal crime report.

“However, our emphasis is on formally reporting any cyber crime because it is a reality of modern business,” he said. “There needs to be more openness around this issue as it enables is to carry out a full investigation.”

Read more on IT for government and public sector