Bulletproof Hosting | Breaking Cybersecurity News | The Hacker News

European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called  Lolek Hosted , which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seized, rendering LolekHosted.net no longer available," Europol  said  in a statement. "The service facilitated the distribution of information-stealing malware, and also the launching of DDoS (distributed denial-of-service) attacks, fictitious online shops, botnet server management, and distribution of spam messages worldwide," it added. Polish authorities, who made the arrests,  said  three other detainees have been subjected to preventive measures in the form of police supervision, bail, and a ban on leaving the country. Alongside the arrests, hundreds of servers containing terabytes of data, computer equipment, and mobile phones have been confiscated. The seizure, carried out on ...

A Russian national charged with providing bulletproof hosting services for cybercriminals, who used the platform to spread malware and attack U.S. organizations and financial institutions between 2009 to 2015, has received a 60-month prison sentence. 34-year-old Aleksandr Grichishkin, along with Andrei Skvortsov, founded the bulletproof hosting service and rented its infrastructure to other criminal clientele for distributing a wide range of malware and attempted to cause millions of dollars in losses to U.S. victims.  Skvortsov is pending sentencing and faces a maximum penalty of 20 years in prison. Bulletproof hosting operations are similar to regular web hosting, but are a lot more lenient about what can be hosted on their servers. They are known for providing secure hosting for malicious content and activity and assuring anonymity to threat actors. Grichishkin, in May,  pleaded guilty  to conspiracy to engage in a racketeer-influenced corrupt organization (RICO)...

"A boxer derives the greatest advantage from his sparring partner…" — Epictetus, 50–135 AD Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red throws out three jabs, feints a fourth, and—BANG—lands a right hand on Blue down the center. This wasn't Blue's first day and despite his solid defense in front of the mirror, he feels the pressure. But something changed in the ring; the variety of punches, the feints, the intensity – it's nothing like his coach's simulations. Is my defense strong enough to withstand this? He wonders, do I even have a defense? His coach reassures him "If it weren't for all your practice, you wouldn't have defended those first jabs. You've got a defense—now you need to calibrate it. And that happens in the ring." Cybersecurity is no different. You can have your hands up—deploying the right architecture, policies, and security measures—but the smallest gap in your defense could let an attacker land a kn...

Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, have been each sentenced to 24 months and 48 months in prison, respectively, for their roles in the scheme. Court documents showed that both the individuals worked as administrators for an unnamed bulletproof hosting service provider that rented out IP addresses, servers, and domains to cybercriminal clients to disseminate malware such as Zeus, SpyEye, Citadel, and the Blackhole Exploit kit that were used to gain access to victims' machines, co-opt them to a botnet, and siphon banking credentials. The development comes months after Stassi and Shorodumov, along with the service's Russian founders Aleksandr Grichishkin and Andrei Skvort...

Law enforcement agencies from the US, Germany, Netherlands, Switzerland, France, along with Europol's European Cybercrime Centre (EC3), announced today the coordinated takedown of Safe-Inet, a popular virtual private network (VPN) service that was used to facilitate criminal activity. The three domains in question — insorg[.]org, safe-inet[.]com, and safe-inet[.]net — were shut down, and their infrastructure seized as part of a joint investigation called "Operation Nova." Europol called Safe-Inet a cybercriminals' " favorite ." A crucial reason for the domains' seizure has been their central role in facilitating ransomware, carrying out web-skimming, spear-phishing, and account takeover attacks. The service, which comes with support for Russian and English languages and has been active for over a decade, offered " bulletproof hosting services " to website visitors, often at a steep price to the criminal underworld. As of December 1, the ...