Curious how AVCheck worked. I'd have thought antivirus software would normally flag suspicious binaries and ship off samples of them to the mothership for human analysis. Also I doubt it was this service but I have distinct memories of submitting binaries to web-based services that ran said binary against multiple AVs and reported the results when I wasn't entirely confident they could be trusted. It's interesting to think that the same service could have been used by people developing malware to see if they could avoid detection.
Dutch cops cuff alleged AVCheck malware kingpin in Amsterdam
Dutch police believe they have arrested a man behind the AVCheck online platform - a service used by cybercrims that Operation Endgame shuttered in May. The country's public prosecutor's office, the Openbaar Ministerie (OM), issued a statement on Monday, confirming the arrest of a 33-year-old Dutchman in connection with its …
COMMENTS
-
Wednesday 14th January 2026 17:02 GMT doublelayer
Probably with sandboxed AVs, either running offline (except for sending results to the service) and cleared so they couldn't report samples back or with connections to detect and block those reports. Some of it would be easy, but presumably the customers would buy the service for the ability to test against the AVs that are hard to circumvent.
-
Tuesday 13th January 2026 15:01 GMT VoiceOfTruth
Pot and kettle
>> "By leveraging counter-antivirus services, malicious actors refine their weapons against the world's toughest security systems to better slip past firewalls, evade forensic analysis, and wreak havoc across victims' systems."
Bob, how's the Angela Merkel hack coming along?
Well, Bill. I'm just refining it to slip past their security systems.
That's great, Bob. Have some more hotdogs.