Four Individuals Plead Guilty to Providing “Bulletproof Hosting” Services Used by Cybercriminals

Four Eastern European nationals have pleaded guilty to conspiring to engage in a Racketeer Influenced Corrupt Organization (RICO), a conspiracy arising from the group's provision of “bulletproof hosting” services used to distribute malware and target US-based organizations.

The individuals, Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr Skorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia, were founders and/or members of a bulletproof hosting organization.

“The group helped their criminal clients evade law enforcement by monitoring websites used to blocklist technical infrastructure used for crime. They moved flagged content to new infrastructure and registered it under false or stolen identities,” officials report.

Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which wildly attacked U.S. companies and financial institutions between 2009 and 2015 and attempted to cause millions of dollars in losses to U.S. victims.

Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division said, “Every day, transnational organized cybercriminals deploy malware that ravages our economy and victimizes our citizens and businesses.”

Four Individuals Were Members of Bulletproof Hosting Organization

According to court filings and statements, Grichishkin and Skvortsov were founding members of the organization and its proprietors. Skvortsov was responsible for marketing the organization’s criminal business and served as a point of contact for important and/or disgruntled clients, and Grichishkin was the organization’s day-to-day leader and oversaw its personnel.

Skorodumov was one of the organization’s lead systems administrators and, at some points, its only systems administrator. In this role, he configured and managed the clients’ domains and IP addresses, provided technical assistance to help clients optimize their malware and botnets, and monitored and responded to abuse notices.

Stassi undertook various administrative tasks for the organization, including conducting and tracking online marketing to the organization’s criminal clientele and using stolen and/or false personal information to register web hosting and financial accounts used by the organization.

Investigation

The FBI investigated the case with critical assistance from law enforcement partners in Germany, Estonia, and the United Kingdom. Sentencing of Stassi, Skorodumov, Grichishkin, and Skvortsov has been set for June 3, June 29, July 8, and Sept. 16, respectively. Each defendant faces a maximum penalty of 20 years in prison.

A federal district court judge will determine each sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Acting U.S. Attorney Saima S. Mohsin of the Eastern District of Michigan said, “Fraud over the internet has had a major economic impact on our community, and all over our nation and the world.”

“An essential part of reducing the fraud involves vigorously investigating and prosecuting individuals such as these ‘bulletproof hosters’ who enable the fraudsters in victimizing people over the internet.”

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.