Four cyber criminals who have been identified as Eastern European nationals could face not less than 20 years in prison for Racketeer Influenced Corrupt Organization (RICO) charges after they pleaded guilty before the court for issuing hosting services between the year 2008 and 2015, which were used by cyber criminals to distribute malware to financial companies across the U.S.
Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr Skorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia, are the individuals involve in the cyber crime activities.
They have been accused of providing essential services to cyber criminal clients, who used their services to move malware such as SpyEye, Citadel, Zeus, and the Blackhole Exploit Kit that were capable of turning victims machines into a botnet, and stealing sensitive information from them.
The use of malware caused millions of dollars in losses to U.S. victims, the U.S. Department of Justice (DoJ) said in a statement on Friday.
DoJ said “Bulletproof hosting service was the key service provider for the cyber criminals to hide detection by law enforcement and continue their crimes uninterrupted; Bulletproof hosting service did so by monitoring sites used to blocklist technical infrastructure used for crime, moving ‘flagged’ content to new infrastructure, and registering all such infrastructure under false or stolen identities,”
Bulletproof Hosting Service was founded by Grichishkin and Skvortsov, they were also responsible for marketing the organization’s criminal business, with Skorodumov and Stassi were the systems administrators and performing other administrative tasks, such us using stolen personal information of victims to register web hosting and financial accounts.
Bulletproof hosting (BPH), is different from normal web hosting it allows a content provider free privileges to upload any kind of data and content that they will host on their servers, thus making it easier to evade law enforcement.
Operators of the web hosting service know as bulletproof hosting services are known to use variety of tricks to stay under the radar of the security agencies, while simultaneously acting as a safe provider with the goal of anonymizing cybercrime operations.
In 2020 December last year,security agencies from the Switzerland, France, US, Netherlands, Germany, along with Europol’s European Cybercrime Centre (EC3), took down Safe-Inet, a popular virtual private network (VPN) service that was used for cybercrime activities.