[TheRecord] Two Eastern Europeans sentenced for providing ‘bulletproof hosting” services

Two Eastern European men who pleaded guilty to providing “bulletproof hosting” services to facilitate the distribution of malware used to attack financial institutions in the U.S. were sentenced to prison today, the Department of Justice said.

Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, said they acted as administrators for a bulletproof hosting organization that helped launch attacks against U.S. targets between 2009 and 2015, the Justice Department statement said. 

Bulletproof hosting services are run by people who turn a blind eye to content and rent IP addresses, servers, and domains to provide criminals with the technical infrastructure they need to disseminate malware, form botnet armies, and steal banking credentials for use in frauds.

The two men each pleaded guilty to one count of conspiracy under the RICO, or Racketeer Influenced and Corrupt Organizations, statute. Stassi was sentenced to 24 months in prison and Skorodumov was sentenced to 48 months.

The Justice Department said a roster of malware was hosted on their servers included Zeus, SpyEye, Citadel, and the Blackhole Exploit kit, all of which were deployed against U.S. companies and caused millions of dollars in losses 

The defendants also helped their clients evade detection by monitoring sites used to blocklist technical infrastructure and then moved the flagged content so it was harder for law enforcement to track, the statement added. 

“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said Special Agent in Charge of the FBI’s Detroit Field Office, Timothy Waters. “Today’s proceeding proves that anyone who facilitates or profits from criminal cyber activity will be brought to justice.”

According to court filings and statements made in connection with the defendants’ guilty pleas, Skorodumov was one of the hosting organization’s lead administrators and he configured and managed domains and IP addresses and offered clients advice on how they could optimize their malware and botnets. 

Stassi was more of a marketing expert, the DOJ statement said. He conducted and tracked online marketing for the hosting service and used stolen or fake personal information to register web hosting and financial accounts for the organization. 

The post Two Eastern Europeans sentenced for providing ‘bulletproof hosting” services appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[TheRecord] Dark web marketplace ToRReZ shuts down

The operators of ToRReZ, a dark web underground marketplace for the trade of illegal goods, have shut down their operation last week, the third such marketplace to shut down on its own this year. The site, which launched in February 2020, operated like an Amazon and eBay-like market, allowing users to register on the site […]

Read More

[ZDNet] The future of work: Employee privacy

All posts, ZDNet

Rising customers’ and employees’ privacy expectations are also converging to force businesses to prioritize privacy and will keep doing so in the future. Source: Read More (Latest topics for ZDNet in Security)

Read More

[HackerNews] Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure

All posts, HackerNews

An active espionage campaign has been attributed to the threat actor known as Molerats that abuses legitimate cloud services like Google Drive and Dropbox to host malware payloads and for command-and-control and the exfiltration of data from targets across the Middle East. The cyber offensive is believed to have been underway since at least July […]

Read More