US jails man behind 'bulletproof hosting' service that helped malware operators evade detection


A Russian national will serve a five-year prison sentence after being found guilty of running an underground web hosting company for malware operators, the US Department of Justice (DoJ) has confirmed.

Aleksandr Grichishkin, together with three co-conspirators (Andrei Skvortsov, Aleksandr Skorodumov, and Pavel Stassi), advertised their "bulletproof hosting" company on the dark web, and provided technical support for malicious actors between 2008 and 2015.

During that time, the company provided hosting and command and control (C&C) servers for malware including Zeus, SpyEye, Citadel and Blackhole.

According to court documents, Grichishkin was the ringleader. He helped malicious actors stay out of reach of law enforcement by monitoring sites used to blacklist technical infrastructure used for illegal activities, buying new infrastructure (using fake or stolen credit card information), and moving the flagged content to that new infrastructure.

Persistent threat to the US

After a years-long investigation, all four individuals were charged, and extradited to the United States last year.

In May 2021, all four pled guilty; Stassi got a two-year sentence, Skorodumov got four, and Skvortsov is expected to be sentenced next year.

“Cybercrime presents a serious and persistent threat to the United States, and these prosecutions send a clear message that ‘bulletproof hosters’ who purposely aid other cybercriminals are responsible, and will be held accountable, for the harms their criminal clients cause within our borders,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division.

“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” added Timothy Waters of the FBI.

“This resulted in millions of dollars of losses to US victims. Cybercriminals may believe they are beyond the reach of the FBI and our international partners, but today’s proceeding proves that anyone who facilitates or profits from criminal cyber activity will be brought to justice.”

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.