Russian National Sentenced to Five Years For Aiding Malware Hacking

Rawf8/istockphoto

Aleksandr Grichishkin, 34, pleaded guilty to providing a server allowing cybercriminals temporary use of IP addresses to bypass security measures and exploit financial data.

A U.S. court sentenced a Russian national to five years in prison for aiding cybercriminals in distributing malware among the online accounts of both individuals and financial institutions between 2009 and 2015.  

Using a bulletproof hosting software, or a platform that has relaxed restrictions regarding the content that can be hosted on its servers, Aleksandr Grichishkin pleaded guilty to conspiracy to engage in a racketeer influenced corrupt organization.

Officials at the Department of Justice said that Grichishkin founded a bulletproof hosting platform online that rented internet protocol addresses and domain names to hackers who used the existing infrastructure of the hosting server to distribute malware that further allowed them to access personal financial data. 

Some of the malware criminals on Grichishkin’s bulletproof hosting server distributed for fraud schemes include Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit. The latter was responsible for mass cyberattacks on U.S. companies and financial firms, resulting in the loss of millions of dollars. 

“According to court filings and statements made in connection with the defendants’ guilty pleas, Grichishkin was one of the organization’s founders and proprietors, and its day-to-day leader,” the Justice Department press release said. “In this role, he oversaw efforts to advertise the organization’s bulletproof hosting services in online cybercrime forums, set pricing for these services, negotiated and interfaced with clients seeking internet infrastructure to be used in spamming and malware operations, managed employee hiring and compensation, and supervised the systems administrators’ and other employees’ work.”

Chief Judge Denise Page Hood of the U.S. District Court for the Eastern District of Michigan handed down the sentence to Grichishkin. The 34-year-old foreign national also pleaded guilty to conspiracy to engage in a racketeer influenced corrupt organization, along with three other defendants. 

Earlier in October, Hood also sentenced two of Grichishkin’s co-conspirators to two and four years in prison for their roles in the bulletproof hosting, respectively. 

U.S. law enforcement has cracked down on cybercriminal convictions, spurred in part by the widespread ransomware attacks on several U.S. companies over the summer of 2021. 

On Tuesday, officials at Justice confirmed that the sixth and final member of an international hacking organization was sentenced to just under a year in prison for SIM Hijacking fraud targeting cryptocurrency.