A 24-year-old cybercriminal who ran an online "product-testing service" for online criminals and hackers called reFUD.me has pleaded guilty to computer misuse and money laundering.
The platform offered by Goncalo Esteves, of Colchester, Essex, let digital crooks pay money to test whether their cyber-tools could beat anti-virus scanners. A joint investigation by the UK's National Crime Agency (NCA) and cybersecurity company Trend Micro uncovered the illegal operation.
Under the pseudonym "KillaMuvz", he also sold "custom-made malware-disguising products" and gave technical support to users, the law enforcement agency said in a release published Monday (15 January).
Esteves has now pleaded guilty to two computer misuse offences and a count of money laundering.
Sentencing is currently scheduled to take place Monday 12 February at Blackfriars Crown Court, London.
"Goncalo Esteves designed, developed and sold software that disguised computer viruses used by cybercriminals which allowed anti-virus software to be bypassed and cybercrime carried out undetected," said Adrian Flasher, specialist prosecutor at the Crown Prosecution Service (CPS).
"Esteves advised his customers about his products, discussed how they were to be used and how to use the software to achieve criminal objectives," he continued.
"The CPS advised investigators throughout the investigation and prosecution, enabling a strong case to be presented; namely, that Esteves knew exactly what the criminal aims of his customers were and that he had profited from his criminality in selling the tools."
Esteves called his encryption tools Cryptex Reborn and Cryptex Lite.
They were part of a family of cybercrime tools known as "crypters", which could be used by hackers to improve their chances of dodging anti-virus software.
He sold them for use in business-savvy packages which varied in price depending on the length of licence.
A month of Cryptex Lite cost roughly £5, while a lifetime licence for Cryptex Reborn cost approximately £60, the NCA stated, adding that Esteves was also linked to a Skype account used to provide "customer support".
He accepted payment in bitcoin and Amazon vouchers. NCA officers said Esteves made £32,000 from more than 800 Paypal transactions between 2011 and 2015.
But experts believe he made much more in virtual currency.
Esteves advertised his website on the hackforums.net website, a well-known internet messageboard for cybercriminals, under the description: "A free service that offers fast and reliable file scanning to ensure that your files remain fully undetectable to anti-malware software."
"Esteves's crimes weren't victimless," said NCA head of operations Mike Hulett. "His clients were most likely preparing to target businesses and ordinary people with fraud and extortion attempts."