Bondars was convicted on May 16 of one count of conspiracy to violate the Computer Fraud and Abuse Act, one count of conspiracy to commit wire fraud, and one count of computer intrusion with intent to cause damage and aiding and abetting.
According to testimony at trial and court documents, from at least 2009 until 2016, Bondars operated Scan4you, which for a fee provided computer hackers with information they used to determine whether their malware would be detected by antivirus software, including and especially by antivirus software used to protect major US retailers, financial institutions and government agencies from computer intrusions.
A Scan4you customer, for example, used the service to test malware that was subsequently used to steal approximately 40 million credit and debit card numbers, as well as approximately 70 million addresses, phone numbers and other pieces of personal identifying information, from retail store locations throughout the United States, causing one retailer approximately USD 292 million in expenses resulting from the intrusion. In issuing the sentence, the court found the total loss amount of USD 20.5 billion.
Another participant in Scan4You, 36-year-old Moscow resident Jurijs Martisevs, pled guilty in March after he was arrested in Latvia and extradited over objections from the Russian government.