{
	"id": "bf1c4268-99f9-4ac4-a4c6-e1af5100b6c1",
	"created_at": "2026-05-07T02:43:58.243812Z",
	"updated_at": "2026-05-07T02:44:10.895134Z",
	"deleted_at": null,
	"sha1_hash": "81eed85834010fca86c1ace612cc1c244db9bd6d",
	"title": "Four Individuals Plead Guilty to RICO Conspiracy Involving “Bulletproof Hosting” for Cybercriminals",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 37948,
	"plain_text": "Four Individuals Plead Guilty to RICO Conspiracy Involving\r\n“Bulletproof Hosting” for Cybercriminals\r\nPublished: 2021-05-07 · Archived: 2026-05-07 02:36:55 UTC\r\nFour Eastern European nationals have pleaded guilty to conspiring to engage in a Racketeer Influenced Corrupt\r\nOrganization (RICO) arising from their providing “bulletproof hosting” services between 2008 and 2015, which\r\nwere used by cybercriminals to distribute malware and attack financial institutions and victims throughout the\r\nUnited States.\r\nAccording to court documents, Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr\r\nSkorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia, were founders and/or members of a bulletproof\r\nhosting organization. The group rented Internet Protocol (IP) addresses, servers, and domains to cybercriminal\r\nclients, who used this technical infrastructure to disseminate malware used to gain access to victims’ computers,\r\nform botnets, and steal banking credentials for use in frauds. Malware hosted by the organization included Zeus,\r\nSpyEye, Citadel, and the Blackhole Exploit Kit, which rampantly attacked U.S. companies and financial\r\ninstitutions between 2009 and 2015 and caused or attempted to cause millions of dollars in losses to U.S. victims.\r\nA key service provided by the defendants was helping their clients to evade detection by law enforcement and\r\ncontinue their crimes uninterrupted; the defendants did so by monitoring sites used to blocklist technical\r\ninfrastructure used for crime, moving “flagged” content to new infrastructure, and registering all such\r\ninfrastructure under false or stolen identities.\r\n“Every day, transnational organized cybercriminals deploy malware that ravages our economy and victimizes our\r\ncitizens and businesses,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s\r\nCriminal Division. “The criminal organizations that purposefully aid these actors — the so-called bulletproof\r\nhosters, money launderers, purveyors of stolen identity information, and the like — are no less responsible for the\r\nharms these malware campaigns cause, and we are committed to holding them accountable. Prosecutions like this\r\none increase the costs and risks to cybercriminals and ensure that they cannot evade responsibility for the\r\nenormous injuries they cause to victims.”\r\n“Fraud over the internet has had a major economic impact on our community, and all over our nation and the\r\nworld,” stated Acting U.S. Attorney Saima S. Mohsin of the Eastern District of Michigan. “An essential part of\r\nreducing the fraud involves vigorously investigating and prosecuting individuals such as these ‘bulletproof\r\nhosters’ who enable the fraudsters in victimizing people over the internet.”\r\n“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of\r\ncybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said\r\nSpecial Agent in Charge Timothy Waters of the FBI’s Detroit Field Office. “This resulted in millions of dollars of\r\nlosses to U.S. victims. Today’s guilty plea sends a message to cybercriminals across the globe that they are not\r\nbeyond the reach of the FBI and its international partners, and that anyone who facilitates or profits from criminal\r\ncyber activity will be brought to justice.”\r\nhttps://www.justice.gov/opa/pr/four-individuals-plead-guilty-rico-conspiracy-involving-bulletproof-hosting-cybercriminals\r\nPage 1 of 2\n\nAccording to court filings and statements made in connection with their guilty pleas, Grichishkin and Skvortsov\r\nwere founding members of the organization and its proprietors. Skvortsov was responsible for marketing the\r\norganization’s criminal business and served as a point of contact for important and/or disgruntled clients, and\r\nGrichishkin was the organization’s day-to-day leader and oversaw its personnel. Skorodumov was one of the\r\norganization’s lead systems administrators, and at some points, its only systems administrator. In this role, he\r\nconfigured and managed the clients’ domains and IP addresses, provided technical assistance to help clients\r\noptimize their malware and botnets, and monitored and responded to abuse notices. Stassi undertook various\r\nadministrative tasks for the organization, including conducting and tracking online marketing to the organization’s\r\ncriminal clientele and using stolen and/or false personal information to register webhosting and financial accounts\r\nused by the organization.\r\nStassi, Skorodumov, and Grichishkin pleaded guilty in February and March 2021 to one count of RICO\r\nconspiracy. Skvortsov pleaded guilty today to the same charge. All four guilty pleas took place before Chief U.S.\r\nDistrict Judge Denise Page Hood in the Eastern District of Michigan. Sentencing of Stassi, Skorodumov,\r\nGrichishkin, and Skvortsov has been set for June 3, June 29, July 8, and Sept. 16, respectively. Each defendant\r\nfaces a maximum penalty of 20 years in prison. A federal district court judge will determine each sentence after\r\nconsidering the U.S. Sentencing Guidelines and other statutory factors.\r\nThe FBI investigated the case with critical assistance from law enforcement partners in Germany, Estonia, and the\r\nUnited Kingdom.\r\nSenior Counsel Louisa K. Marion of the Criminal Division’s Computer Crime and Intellectual Property Section\r\nand Assistant U.S. Attorney Patrick E. Corbett of the Eastern District of Michigan prosecuted the case. The Justice\r\nDepartment’s Office of International Affairs provided substantial assistance.\r\nSource: https://www.justice.gov/opa/pr/four-individuals-plead-guilty-rico-conspiracy-involving-bulletproof-hosting-cybercriminals\r\nhttps://www.justice.gov/opa/pr/four-individuals-plead-guilty-rico-conspiracy-involving-bulletproof-hosting-cybercriminals\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.justice.gov/opa/pr/four-individuals-plead-guilty-rico-conspiracy-involving-bulletproof-hosting-cybercriminals"
	],
	"report_names": [
		"four-individuals-plead-guilty-rico-conspiracy-involving-bulletproof-hosting-cybercriminals"
	],
	"threat_actors": [],
	"ts_created_at": 1778121838,
	"ts_updated_at": 1778121850,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/81eed85834010fca86c1ace612cc1c244db9bd6d.pdf",
		"text": "https://archive.orkl.eu/81eed85834010fca86c1ace612cc1c244db9bd6d.txt",
		"img": "https://archive.orkl.eu/81eed85834010fca86c1ace612cc1c244db9bd6d.jpg"
	}
}