Police arrest 2 in connection with CyberSeal, Dataprotector crime services

It’s another move by law enforcement agencies to strike at the heart of cybercriminal infrastructure.
Poliția Română, Romanian Police
A Romanian Police patch. (Poliția Română / Facebook)

Romanian police have arrested two people for allegedly distributing malicious software designed to evade anti-virus protections to more than 1,560 accused cybercriminals, Europol, the European Union’s law enforcement agency, said Friday.

The international crackdown, which Europol and the FBI supported, targeted a decade-long scheme that provided crooks with relatively cheap access to victim computers, which they used to carry out information-stealing and ransomware attacks.

The two Romanian suspects, whom authorities did not identify, allegedly ran “crypting” services designed to sneak malicious code past anti-virus software. The services, dubbed CyberSeal and Dataprotector, sold for between $40 to $300, according to Europol. The two suspects also allegedly offered cybercriminals access to a platform to test their malware against anti-virus software for as little as $7.

It’s the latest effort by global law enforcement agencies to strike at the heart of infrastructure used by people accused of facilitating costly hacking schemes. Europol and Australian police in December 2019 announced the takedown of a remote-access hacking tool that had been sold to 14,500 buyers in 124 countries. In October, U.S. and European law enforcement announced arrests of 14 people who allegedly worked for QQAAZZ, an Eastern European group accused of trying to launder tens of millions of dollars.


In addition to the two arrests this week, law enforcement agencies in Romania, Norway and the U.S. seized computing infrastructure allegedly used by a suspect, according to Europol which credited the FBI for helping. An FBI spokesperson did not immediately respond to a request for comment on the bureau’s role in the operation.

The Directorate for Investigating Organized Crime and Terrorism, one of Romania’s top law enforcement agencies, posted a video that appeared to show armed police raiding one of the suspect’s homes and searching laptops.

At press time, the websites distributing two of the malicious services had been taken down.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts