2 December 2021

Founder of bulletproof hosting used by cybercriminals gets 5 years in prison


Founder of bulletproof hosting used by cybercriminals gets 5 years in prison

34-year-old Russian Aleksandr Grichishkin, a founder and leader of a bulletproof hosting organization that provided services to cybercriminals, has been sentenced to 60 months in prison.

According to court documents, Grichishkin along with his co-conspirators Andrei Skvortsov, Aleksandr Skorodumov, and Pavel Stassi, run a bulletproof hosting platform, which was used by cybercriminals between 2009 to 2015 to distribute malware and attack financial institutions and victims across the U.S.

The group rented IP addresses, servers, and domains to cybercriminals, who used the infrastructure to spread malware that allowed them to gain access to victims’ computers, form botnets, and steal banking credentials.

Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which rampantly attacked U.S. companies and financial institutions between 2009 and 2015 and caused or attempted to cause millions of dollars in losses to U.S. victims.

“Grichishkin was one of the organization’s founders and proprietors, and its day-to-day leader. In this role, he oversaw efforts to advertise the organization’s bulletproof hosting services in online cybercrime forums, set pricing for these services, negotiated and interfaced with clients seeking internet infrastructure to be used in spamming and malware operations, managed employee hiring and compensation, and supervised the systems administrators’ and other employees’ work,” the U.S. Department of Justice said.

Grichishkin also instructed other members of the organization on how to “resolve” abuse notices by, among other methods, moving the affected clients’ data to new, “clean” domains and IP addresses.

In May, Grichishkin, Skvortsov, Skorodumov, and Stassi pleaded guilty for their role in a Racketeer Influenced Corrupt Organization (RICO). In June, Pavel Stassi was sentenced to 24 months in prison. In October, Aleksandr Skorodumov received a 48-month prison sentence.

Andrei Skvortsov is pending sentencing and faces a maximum penalty of 20 years in prison.


Back to the list

Latest Posts

The story of the four bears: Brief analysis of APT groups linked to the Russian government

The story of the four bears: Brief analysis of APT groups linked to the Russian government

In “The Four Bears” series we will tell you about the APT groups known as Fancy Bear, Cozy Bear, Voodoo Bear, and Berserk Bear.
17 January 2022
Cybersecurity year in review: Most notable APT hacks of 2021

Cybersecurity year in review: Most notable APT hacks of 2021

In 2021 nation-state actors somewhat faded into the background, but they still pose a significant threat.
17 January 2022
Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

The attackers exploited the Log4Shell vulnerability on ONUS’ Cyclos server to plant backdoor and exfiltrate data.
30 December 2021