- Two individuals from Eastern Europe have been sentenced for providing "bulletproof hosting" to cybercriminals between 2009 and 2015.
- Their clients relied on these services to engage in malware attacks on financial entities and general public in the US.
- Their two co-defentants are pending sentencing and may face a penalty of up to 20 years in prison.
Two individuals from Eastern Europe were sentenced for offering "bulletproof hosting" that aided cybercriminals distribute malware and launch attacks directed at financial institutions and other victims throughout the US between 2009 to 2015, thus having a role in the scheme. This case was investigated by the FBI with help from German, Estonian, and UK law enforcement agencies.
On June 28 and October 20, the US District Court for the Eastern District of Michigan sentenced Pavel Stassi (30, Estonia) to 24 months in prison and Aleksandr Skorodumov (33, Lithuania) to 48 months in prison. They were part of a bulletproof hosting organization founded and led by two co-defendants from Russia, Aleksandr Grichishkin (34) and Andrei Skvortsov (34). The co-defendants are pending sentencing, but they could face a maximum penalty of 20 years. All of them pleaded guilty under the Racketeer Influenced and Corrupt Organizations (RICO) act.
The group provided rented IP addresses, servers, and domains to cybercriminals who used this technical infrastructure to infiltrate targets via malware, develop botnets, and steal confidential banking credentials for fraud. Moreover, the individuals assisted clients in avoiding detection by law enforcement. They actively monitored websites blocklisting technical infrastructure suspected of committing crimes and moved flagged things to new infrastructure registered under forged or stolen identities.
The court documents further revealed that Skorodumov operated as the lead system administrator in the organization. In this capacity, he was working with clients to develop better malware and botnets and handled abuse notices. His partner Stassi managed several different administrative tasks, which included handling online marketing for nefarious clients and registering Webhosting and financial accounts with fake IDs.
Among the most harmful malware hosted on this infrastructure included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit. All of these were linked with significant cyberattacks that either caused or attempted to cause losses of millions of dollars.
An FBI representative commented that the defendant's facilitation of transnational criminal activity caused millions of dollars of losses to US citizens. He said this case proved that they are not beyond the reach of the law and shows that anyone perpetrating such crimes will be brought to justice.