“Bulletproof Hosting” Operators Pleaded Guilty in American Court

Last updated June 23, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

Four Eastern European nationals have pleaded guilty in front of the U.S. District Court of the Eastern District of Michigan judge, admitting their involvement in “bulletproof hosting” services provided between 2008 and 2015. These services are generally hiding the identities of their customers (and themselves), ignore all DMCA notices, do not have any policies regarding the prevention of illegal activities in place, and generally support malicious operations like malware distribution campaigns, etc.

The four men are Aleksandr Grichishkin (34) and Andrei Skvortsov (34) of Russia, Aleksandr Skorodumov (33, Lithuania), and Pavel Stassi (30, Estonia). The court believes the first two of these individuals are the founding members of the particular service, while the other two oversaw and managed the day-to-day operational activities.

The service hosted malware such as Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit. These strains have caused significant financial damage to U.S.-based companies and organizations between 2009 and 2015, so the hosting service played a neuralgic role in that.

As FBI’s special agent Timothy Waters states:

Over the course of several years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe haven to anonymize their criminal activity. This resulted in millions of dollars of losses to U.S. victims. Today’s guilty plea sends a message to cyber-criminals across the globe that they are not beyond the reach of the FBI and its international partners, and that anyone who facilitates or profits from criminal cyber activity will be brought to justice.

The four men will hear their sentences between June and September 2021, and each of them is facing a maximum penalty of 20 years in prison. This may sound disproportional to merely offering hosting services, but again, these people enabled operations that incurred huge financial losses to a large number of entities.

One of the most popular cases of this kind was the bust of the underground bunker in Germany, which happened in October 2019 and was trialed a year later. That service hosted dark websites such as child abuse platforms and marketplaces where all kinds of illegal transactions took place.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: