A Russian national will serve a five-year prison sentence after being found guilty of running an underground web hosting company for malware operators, the US Department of Justice (DoJ) has confirmed.
Aleksandr Grichishkin, together with three co-conspirators (Andrei Skvortsov, Aleksandr Skorodumov, and Pavel Stassi), advertised their "bulletproof hosting" company on the dark web, and provided technical support for malicious actors from 2008 and 2015.
During that time, the company provided hosting and command a and control (C&C) servers for malware including Zeus, SpyEye, Citadel and Blackhole.
According to court documents, Grichishkin was the ringleader. He helped malicious actors stay out of reach of law enforcement by monitoring sites used to blacklist technical infrastructure used for illegal activities, buying new infrastructure (using fake or stolen credit card information), and moving the flagged content to that new infrastructure.
Persistent threat to the US
After a years-long investigation, all four individuals were charged, and extradited to the United States last year.
In May 2021, all four pled guilty; Stassi got a two-year sentence, Skorodumov got four, and Skvortsov is expected to be sentenced next year.
“Cybercrime presents a serious and persistent threat to the United States, and these prosecutions send a clear message that ‘bulletproof hosters’ who purposely aid other cybercriminals are responsible, and will be held accountable, for the harms their criminal clients cause within our borders,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division.
“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” added Timothy Waters of the FBI.
“This resulted in millions of dollars of losses to US victims. Cybercriminals may believe they are beyond the reach of the FBI and our international partners, but today’s proceeding proves that anyone who facilitates or profits from criminal cyber activity will be brought to justice.”
- You might also want to check out our list of the best ransomware protections out there