The United States Department of Justice sentenced to prison two individuals involved in providing bulletproof hosting to various malware operations, including Citadel, SpyEye, Zeus, and the Blackhole exploit kit.
The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015.
The duo, along with Russian nationals Aleksandr Grichishkin and Andrei Skvortsov, founded an organization that was offering bulletproof hosting, they rented the attack infrastructure (IP addresses, servers, and domains) to crooks who used it to spread multiple malware families and conducted several malicious activities.
The defendants helped their clients to evade detection by monitoring sites used to blocklist technical infrastructure used for crime. Every time a content was flagged as malicious, the defendants moved it to new infrastructure and used false or stolen identities to register it.
Skvortsov was responsible for the marketing activity of the group, while Grichishkin was the organization’s day-to-day leader and oversaw its personnel.
Skorodumov was one of the organization’s lead systems administrators, he configured and managed the clients’ domains and IP addresses, provided technical assistance to help clients optimize their malware and botnets.
Stassi conducted several administrative tasks for the group, such as registering webhosting and financial accounts using stolen and/or false personal information.
Skorodumov was sentenced to 48 months in prison and Stassi to 24 months in prison.
Grichishkin and Skvortsov are pending sentencing and have already pleaded guilty, both face up to 20 years in prison.
“Every day, transnational organized cybercriminals deploy malware that ravages our economy and victimizes our citizens and businesses,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “The criminal organizations that purposefully aid these actors — the so-called bulletproof hosters, money launderers, purveyors of stolen identity information, and the like — are no less responsible for the harms these malware campaigns cause, and we are committed to holding them accountable. Prosecutions like this one increase the costs and risks to cybercriminals and ensure that they cannot evade responsibility for the enormous injuries they cause to victims.”
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, cyber security)