Two Russian nationals are among four men who have pleaded guilty to cybercrimes that targeted banks and companies across the United States, resulting in millions of dollars of losses, the Justice Department said on May 7.
The four men — Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr Skorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia — provided so-called “bulletproof hosting” services to a network of cybercriminals, according to court documents.
The bulletproof hosting operation rented Internet Protocol (IP) addresses, servers, and domains to cybercriminal clients who in turn used the technical infrastructure to disseminate malware that could gain access to victims’ computers and steal banking credentials, the Justice Department said in a news release.
“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said Special Agent in Charge Timothy Waters of the FBI’s Detroit Field Office.
The malware hosted by the organization attacked U.S. companies and financial institutions between 2009 and 2015, the Justice Department said.
Acting Assistant Attorney General Nicholas L. McQuaid said organizations that aid cybercriminals in deploying malware are “no less responsible for the harms these malware campaigns cause, and we are committed to holding them accountable.”
According to court filings and statements made by the defendants, Grichishkin and Skvortsov were founding members of the operation and its proprietors.
All four pleaded guilty to one count of conspiring to engage in a Racketeer Influenced Corrupt Organization (RICO) in U.S. District Court in Michigan. Each defendant faces a maximum penalty of 20 years in prison at their sentencing hearing later this year.
Law enforcement partners in Germany, Estonia, and the United Kingdom assisted the FBI in its investigation.