Founder of bulletproof hosting provider used by malware gangs gets 5 years in prison
Image: Matthew Ansley
Catalin Cimpanu December 1, 2021

A US federal judge today sentenced a Russian national to five years in prison for founding and operating a bulletproof hosting company that provided servers and technical support to malware and cybercrime groups between 2008 and 2015.

Named Aleksandr Grichishkin, the 34-year-old Russian is part of a quartet charged and detained by US authorities in an investigation that took years to orchestrate.

Grichishkin and his three partners ran a web hosting company that advertised, on underground cybercrime forums, its ability to host malware infrastructure and ignore requests to take down malicious servers.

Between August 2008, when the hosting company (unnamed in court documents) was created, and November 2015, according to court documents, the four helped cybercriminals safely host command and control servers for malware such as the Blackhole exploit kit and the Zeus, SpyEye, and Citadel banking trojans.

According to court documents, the four were aware that their operation was illegal and would often use fake or stolen information to purchase their company’s IP addresses and servers, in order to hide their real identities from any snooping law enforcement agencies or cybersecurity firms.

| Name | Age | Country | Role | Sentence |
|---|---|---|---|---|
| Aleksandr Grichishkin | 34 | Russia | Co-founder, day-to-day leader and oversaw its personnel | 60 months |
| Andrei Skvortsov | 34 | Russia | Co-founder, responsible for marketing the organization’s criminal business and served as a point of contact for important and/or disgruntled clients | |
| Aleksandr Skorodumov | 33 | Lithuania | Lead systems administrator, configured and managed the clients’ domains and IP addresses, provided technical assistance to help clients optimize their malware and botnets, and monitored and responded to abuse notices. | 45 months |
| Pavel Stassi | 30 | Estonia | IT staff, conducted and tracked online marketing to the organization’s criminal clientele and used stolen and/or false personal information to register web hosting and financial accounts used by the organization. | 45 months |

The quartet was charged and eventually arrested and extradited to the US in 2020. All four pleaded guilty at the same time in May 2021.

Stassi and Skorodumov each received a 45-month prison sentence in October, while Skvortsov is scheduled for sentencing next year. While he faces a maximum penalty of up to 20 years in prison, he’s expected to receive a sentence similar to the one received by Grichishkin today.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.