A Russian man has been sentenced to five years behind bars for his part in a bulletproof hosting venture that helped support countless cybercrime operations.
Aleksandr Grichishkin, 34, and co-conspirators Pavel Stassi, 30, of Estonia, Aleksandr Skorodumov, 33, of Lithuania, and 34-year-old Russian, Andrei Skvortsov, had previously pleaded guilty to conspiracy to engage in a racketeer-influenced corrupt organization.
Grichishkin is purportedly the organization’s founder, which rented out IP addresses, servers and domains to cyber-criminals, who used it to build botnets, access victims’ machines and steal financial data.
Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit were among the malicious tools used by these criminals to target US firms, financial institutions and their customers between 2009 and 2015, according to the Department of Justice (DoJ).
As the organization’s operational leader, Grichishkin is said to have overseen advertising of the firm’s hosting services in underground forums. He also set prices, negotiated with clients, managed employee hiring and compensation, and supervised the work of his sysadmins and other staffers.
“He also regularly instructed other members of the organization on how to ‘resolve’ abuse notices by, among other methods, moving the affected clients’ data to new, ‘clean’ domains and IP addresses,” the DOJ said.
Stassi has already been sentenced to 24 months in prison, while Skorodumov received 48 months for his part in the operation. Skvortsov is awaiting sentencing and faces a maximum of 20 years behind bars.
The FBI brought the men to justice with the help of police in Germany, Estonia and the UK.
The arrests are unlikely to do much to deter bulletproof hosting business owners working in a vast and lucrative industry. This is particularly true for those operating in countries like Russia, where many cybersecurity experts believe authorities turn a blind eye to criminal activity directed at foreign targets.