Police have taken down the Lolek bulletproof hosting service used by criminals to launch cyber-attacks internationally.
The takedown was part of a coordinated effort between the Polish Central Cybercrime Bureau and the US Department of Justice (DoJ), with support from Europol and the Federal Bureau of Investigation (FBI).
In a press release, Europol said: “5 of its directors have been arrested, and all of its servers seized, rendering LolekHosted.net not obtainable.”
A DoJ announcement confirmed that a Polish national has been charged with computer fraud conspiracy. Unsealed court documents name the suspect as Artur Karol Grabowski, aged 36.
If convicted on all counts, Grabowski faces a maximum penalty of 45 years in prison. The indictment also notifies Grabowski that the US is seeking an order of forfeiture in the amount of $21.5m, the proceeds of the charged criminal conduct. Grabowski remains a fugitive.
Bulletproof Hosting a Cyber Risk
What’s bulletproof hosting? According to a definition from SentinelOne: “Security experts use the term ‘bulletproof hosting sites’ to refer to hosting services that are significantly lenient about the kinds of material they allow their customers to upload and distribute.”
Europol noted that a “blind eye” is turned to what customers use the domain for.
The complex investigation into LolekHosted.net revealed how the service facilitated the distribution of information-stealing malware, as well as the launching of distributed denial of service (DDoS) attacks, fictitious online shops, botnet server management and the distribution of spam messages worldwide, Europol said.
Notable marketing slogans for the service included: “You can host anything here!” and “no-log policy.” Payments were to be made in cryptocurrencies.
The DoJ added: “Grabowski registered the domain LolekHosted.net in 2014, and advertised that its services were ‘bulletproof,’ provided ‘100% privacy hosting,’ and allowed clients to host ‘everything except child porn’.”
Ransomware
The NetWalker ransomware was one of the ransomware variants facilitated by LolekHosted.net, according to the DoJ. NetWalker ransomware was deployed on approximately 400 victim company networks, including municipalities, hospitals, law enforcement and emergency services, school districts, colleges, and universities, which resulted in the payment of more than 5,000 bitcoin in ransoms (currently valued at approximately $146m).
A coordinated international law enforcement action to disrupt NetWalker was announced by the DoJ in 2021, with a defendant charged and $500,000 seized.
Research from McAfee in 2020 said that NetWalker had made $25m in just a matter of months. The ransomware first appeared in 2019.