Published 5 days ago • loading... • Updated 2 days ago

Police Takes Down AVCheck Site Used by Cybercriminals to Scan Malware

On May 27, 2025, an international law enforcement coalition seized four domains and one server linked to AVCheck, a major counter antivirus service used by cybercriminals.
The takedown followed undercover purchases verifying AVCheck and related crypting services enabled malware to evade antivirus detection and aided ransomware groups active globally.
Authorities found evidence connecting AVCheck’s administrators to Cryptor.biz and Crypt.guru, which helped cybercriminals obfuscate malware, allowing stealthy deployment in victim networks.
Officials described AVCheck as among the largest global counter antivirus services, and said the disruption is part of Operation Endgame, a coordinated effort to dismantle malware ecosystems.
Law enforcement leaders said shutting down AVCheck removes a key cybercrime enabler, disrupts attacks early, and helps prevent victims worldwide from ransomware and malware threats.

Insights by Ground AI

Does this summary seem wrong?

10 Articles

All

Left

Center

Right

CyberScoop

Center

Top counter antivirus service disrupted in global takedown

AVCheck, a large-scale service that cybercriminals use to check if their malware can be detected by various antivirus tools, was seized and taken offline Tuesday by a globally coordinated law enforcement action. Officials on Thursday said they seized four domains and a server associated with the online software crypting syndicate. The site for the counter antivirus service and its related crypting services — Cryptor.biz and Crypt.guru — now disp…

4 days ago

Read Full Article

BleepingComputer

Center

Police takes down AVCheck site used by cybercriminals to scan malware

An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it in the wild.

5 days ago

Read Full Article

Tech Monitor

International authorities dismantle AVCheck in cybercrime operation

An international operation dismantled AVCheck, used by cybercriminals to test malware, revealing ties to crypting services.

2 days ago

Read Full Article

chip.de

New Threat Lurks on the Internet: Criminals Hijack Subdomains of Well-Known Websites

Cybercriminals take advantage of the vulnerabilities of well-known corporate websites. Especially perfidious is that the attempts at fraud are hardly recognizable.

3 days ago

Read Full Article

cybernoz.com

U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services In Global Operation - Cybernoz - Cybersecurity News

May 31, 2025Ravie LakshmananMalware / Cyber Crime A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that their malicious software stayed undetected from security software. To that effect, the U.S. Department of Justice (DoJ) said it seized four domains and their associated server facilitated the crypting service on May 27, 2025, in partners…

3 days ago

Read Full Article

unsafe.sh

Reposted by

The Hacker News

U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation

International law enforcement agencies have collaborated to seize four domains and servers to target a cybercrime group that provided encryption services that helped malware evade detection, among other measures as part of Operation Endgame.

4 days ago

Read Full Article

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/year