US Imprisons Bulletproof Hosting Providers

Two men from Eastern Europe have been imprisoned in the United States for helping cyber-criminals carry out cyber-attacks against individuals and financial institutions in America. 

Pavel Stassi, a 30-year-old Estonian, and 33-year-old Aleksandr Skorodumov, of Lithuania, received custodial sentences for providing bulletproof hosting services that were used to distribute malware from 2009 to 2015.

Court documents state that the two men were members of a bulletproof hosting organization founded and led by two Russian co-defendants, Aleksandr Grichishkin and Andrei Skvortsov, both aged 34.

Cyber-criminals use bulletproof hosting services because they exist to ensure the anonymity of users. According to the US Department of Justice, these criminals did more than simply turn a blind eye to what their users were up to. 

"The defendants also helped their clients evade detection by law enforcement and continue their crimes uninterrupted by monitoring sites used to blocklist technical infrastructure used for crime, moving ‘flagged’ content to new infrastructure, and registering all such infrastructure under false or stolen identities," said the DOJ's Office of Public Affairs in a statement released October 20. 

Inside the criminal organization, Skorodumov was a lead systems administrator, performing tasks that included managing clients’ domains and IP addresses, and providing technical assistance to help clients optimize their malware and botnets. 

Stassi was brought on board as an administrator and marketer. One of his jobs was using false and/or stolen personal information to register webhosting and financial accounts used by the organization.

In May, each member of the cyber-criminal quartet pleaded guilty to one count of Racketeer Influenced and Corrupt Organizations (RICO) conspiracy. The men admitted renting out Internet Protocol (IP) addresses, servers, and domains to cyber-criminal clients, who used them to steal banking credentials, spread malware and form botnets.

Among the malware hosted by the organization was Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which caused or attempted to cause victims based in the United States to lose millions of dollars.

On June 28 and October 20, Chief Judge Denise Page Hood of the US District Court for the Eastern District of Michigan passed custodial sentences of 24 months upon Stassi and 48 months upon Skorodumov. Grichishkin and Skvortsov are pending sentencing.

What’s Hot on Infosecurity Magazine?