Eastern European nationals admit to renting out resources to launch malware attacks and conduct other fraudulent activities
Four people have pleaded guilty to providing ‘bulletproof’ hosting services used by cybercriminals to distribute malware and launch other cyber-attacks.
The individuals – Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr Skorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia – maintained the services from 2008 to 2015, according to the US Department of Justice (DoJ).
In a statement issued on Friday (May 7), the DoJ detailed how the group allegedly rented out IP addresses, servers, and domains to cybercriminals enabling them to launch malware attacks, gain access to victims’ computers, form botnets, and steal banking credentials for use in frauds across the US.Read more of the latest cybercrime news
Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, claims the DoJ, which “rampantly attacked” US-based companies and financial institutions between 2009 and 2015.
The DoJ also stated that the defendants helped criminals to evade detection by monitoring sites used to blocklist technical infrastructure used for crime, moving “flagged” content to new infrastructure, and registering all such infrastructure under false or stolen identities.
Stassi, Skorodumov, Skvortsov, and Grichishkin all pleaded guilty to one count of Racketeer Influenced Corrupt Organization (RICO) conspiracy.
All four defendants face a maximum prison sentence of 20 years.
Held to account
Acting assistant attorney general Nicholas McQuaid, of the Justice Department’s Criminal Division, commented: “The criminal organizations that purposefully aid these actors – the so-called bulletproof hosters, money launderers, purveyors of stolen identity information, and the like – are no less responsible for the harms these malware campaigns cause, and we are committed to holding them accountable.
“Prosecutions like this one increase the costs and risks to cybercriminals and ensure that they cannot evade responsibility for the enormous injuries they cause to victims.”
Safe haven
So-called bulletproof hosting services are known as a “safe haven” for criminal hackers since they can make it easier for malicious actors to conceal their wrongdoings and minimize the downtime of their cybercrime campaigns.
In recent years, authorities have looked to crack down on these operations which, among other services, provide illegal VPN networks.
The internet industry group i2Coalition also threw its weight behind a clampdown on illegal VPNs, calling for providers to adhere to a minimum standard of ethics.
READ MORE Safe-Inet: VPN service for cybercriminals taken down in law enforcement bust