[TheRecord] Two Eastern Europeans sentenced for providing “bulletproof hosting” services

Two Eastern European men who pleaded guilty to providing “bulletproof hosting” services to facilitate the distribution of malware used to attack financial institutions in the U.S. were sentenced to prison today, the Department of Justice said.

Pavel Stassi, 30, of Estonia, and Aleksandr Skorodumov, 33, of Lithuania, said they acted as administrators for a bulletproof hosting organization that helped launch attacks against U.S. targets between 2009 and 2015, the Justice Department statement said.

Bulletproof hosting services are run by people who turn a blind eye to content and rent IP addresses, servers, and domains to provide criminals with the technical infrastructure they need to disseminate malware, form botnet armies, and steal banking credentials for use in frauds.

The two men each pleaded guilty to one count of conspiracy under the RICO, or Racketeer Influenced and Corrupt Organizations, statute. Stassi was sentenced to 24 months in prison and Skorodumov was sentenced to 48 months.

The Justice Department said the roster of malware hosted on their servers included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, all of which were deployed against U.S. companies and caused millions of dollars in losses.

The defendants also helped their clients evade detection by monitoring sites used to blocklist technical infrastructure and then moving the flagged content so it was harder for law enforcement to track, the statement added.

“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said Special Agent in Charge of the FBI’s Detroit Field Office, Timothy Waters. “Today’s proceeding proves that anyone who facilitates or profits from criminal cyber activity will be brought to justice.”

According to court filings and statements made in connection with the defendants’ guilty pleas, Skorodumov was one of the hosting organization’s lead administrators and he configured and managed domains and IP addresses and offered clients advice on how they could optimize their malware and botnets. 

Stassi was more of a marketing expert, the DOJ statement said. He conducted and tracked online marketing for the hosting service and used stolen or fake personal information to register web hosting and financial accounts for the organization. 

The post Two Eastern Europeans sentenced for providing “bulletproof hosting” services appeared first on The Record by Recorded Future.
