Security Experts:

Connect with us

Hi, what are you looking for?


Tracking & Law Enforcement

Alleged Malware Service Operators Arrested in UK

A partnership between security firm Trend Micro and the United Kingdom’s National Crime Agency (NCA) resulted in the arrests of two individuals suspected of running a website that offered cybercrime services.

A partnership between security firm Trend Micro and the United Kingdom’s National Crime Agency (NCA) resulted in the arrests of two individuals suspected of running a website that offered cybercrime services.

The suspects, a man and a woman aged 22 from Colchester, Essex, are believed to have operated a counter antivirus service called and a crypting service named Cryptex Reborn. They have been released on bail until February 2016.

Both the Cryptex Reborn and services have been disrupted as a result of the operation., which emerged in February 2015, allowed cybercriminals to upload their malware samples to see if they would be detected by the products of various antivirus companies. was similar to VirusTotal, but unlike the Google-owned scanning service, it did not share scanned files with antivirus vendors.

Before it was shut down, the website claimed that more than 1.2 million scans had been conducted since February 2015. One of the most recent features added to the cybercrime service, dubbed “scanwatch,” allowed users to constantly monitor the detection status of the files they uploaded.

Cryptex Reborn, the evolution of a toolkit advertised since as early as October 2011, allowed malware developers to encrypt their files in an effort to make them “Fully UnDetectable” (FUD). Malware authors could use the product after paying a $20 monthly subscription fee or $90 for lifetime usage.

The first versions of the tool, called Cryptex, Cryptex Lite and Cryptex Advanced, all surfaced in 2011. Cryptex Reborn, which is said to offer one of the most sophisticated forms of crypting seen in recent years, was first advertised on cybercrime forums in September 2014, said Trend Micro.

“This investigation is the result of Trend Micro’s collaboration with the National Crime Agency of the UK (NCA) and other partners to tackle some of the core components that enable cybercriminal business models to exist,” said Martin Rösler, senior director of The Forward-Looking Threat Research team for Trend Micro. “Helping to take down operations such as this is part of our ongoing effort to keep the world safe for exchanging digital information, for both our customers and the Internet at large.”

The collaboration between Trend Micro and the NCA is the result of a memorandum of understanding signed by the two organizations in July.

Related Reading: Fourth Teen Arrested Over Cyber Attack on UK’s TalkTalk

Related Reading: Six Alleged Users of LizardStresser DDoS Service Arrested in UK

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...


A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...


Russian Vladislav Klyushin made tens of millions of dollars by hacking into U.S. computer networks to steal insider information.