A 34-year-old man from Russia has been convicted of providing hosting services to cybercriminals. The hosting services were used by cybercriminals to distribute malware and steal banking information. An American judge has sentenced him to five years in prison.
A Russian man, who was the founder and leader of a so-called bulletproof hosting organization, provided various hosting services to criminals from 2009 to 2015. These bad hosting companies are also called bulletproof hosts. Such companies target cybercriminals who engage in phishing or sending spam.
The wrong hosting companies advertise on underground forums in order to expand their criminal clientele.
The hosting services, provided by the Russian bulletproof hosting organization, have been used by cybercriminals to spread malware and operate botnets. This allowed them to access victims’ computers and steal banking information. The malware hosted by the organization included Zeus, SpyEye, Citadel, and Blackhotel Exploit Kit.
The Russian hosting company is also said to have helped bypass blocklists. When IP addresses were blocked, the company helped transfer the affected content to new domains and IP addresses. This allowed the cybercriminals to continue their illegal activities.
The judge ruled that the suspect had facilitated criminals for years. This has resulted in millions of dollars in damage to victims. Two employees of the Russian company were previously sentenced to two and four years in prison.
In the Netherlands, we also increasingly see hosting companies that facilitate crime. It is currently difficult to prosecute hosting companies that go over the line, for example, because they host child pornographic material. Based on European regulations, hosting providers are not liable for the behaviour of their customers. Minister of Justice and Security Ferd Grapperhaus wants this to change.
Grapperhaus has drafted a bill to ensure that hosting companies are fined if they do not remove child pornography material from their network quickly enough after a report. Many hosting companies will cooperate with this, but there are also hosting companies that are not yet sufficiently combating the spread of child pornography via their servers.
In July 2020, Minister Grapperhaus asked 17 web hosters to remove child pornographic material from their servers. If they didn’t, the minister would make their names public.
Grapperhaus is working with the Ministry of Economic Affairs on measures to combat the facilitation of crime via hosting companies. They look at the European regulations on which the limitation of liability for hosting providers is based.
Catch up on more articles here
Follow us on Twitter here