Four men from Eastern Europe have pleaded guilty to supporting cyber-criminals attacking the United States by providing them with bulletproof hosting services (BPHS).
BPHS are run with a 'don't ask, don't tell' approach and ensure the anonymity of users while allowing them to host malicious activity and content such as malware.
According to court documents, 34-year-old Russian nationals Aleksandr Grichishkin and Andrei Skvortsov, 33-year-old Aleksandr Skorodumov of Lithuania, and Estonian 30-year-old Pavel Stassi were the founders and/or members of an organization offering BPHS.
The group admitted renting out Internet Protocol (IP) addresses, servers, and domains to cyber-criminal clients, who used them to steal banking credentials, spread malware, and form botnets.
Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which caused or attempted to cause millions of dollars in losses to victims based in the United States between 2009 and 2015.
An FBI investigation into the organization's activities found Grichishkin and Skvortsov to be its founding members and proprietors. Grichishkin led the organization’s day-to-day business and oversaw its personnel, while Skvortsov was responsible for customer support and marketing the organization’s criminal business.
In February and March 2021, Stassi, Skorodumov, and Grichishkin pleaded guilty to conspiring to engage in a Racketeer Influenced Corrupt Organization (RICO) arising from their provision of these services between 2008 and 2015. On Friday, Skvortsov pleaded guilty to the same charge.
“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cyber-criminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said Special Agent in Charge Timothy Waters of the FBI’s Detroit Field Office.
“This resulted in millions of dollars of losses to US victims. Today’s guilty plea sends a message to cyber-criminals across the globe that they are not beyond the reach of the FBI and its international partners, and that anyone who facilitates or profits from criminal cyber-activity will be brought to justice.”
Sentencing of Stassi, Skorodumov, Grichishkin, and Skvortsov has been set for June 3, June 29, July 8, and September 16, respectively.