Press "Enter" to skip to content

Good News: U.S. Charges Operators of Alleged Bullet Proof Hosting Service

Not every cybersecurity story is about another victim. This week brings some encouraging news, as U.S. authorities have announced charges against individuals accused of providing the infrastructure that many cybercriminals depend on.

The U.S. Department of Justice has unsealed an indictment charging three Russian nationals and two companies with operating what is known as a bullet proof hosting service. According to prosecutors, the operation allegedly provided internet infrastructure that supported ransomware gangs and other cybercriminal organizations responsible for more than $62 million in losses to victims in the United States and around the world.

So… what is a bullet proof hosting service?

If you’ve never heard the term “bullet proof hosting,” don’t let the name fool you. It doesn’t mean the servers are impossible to attack. Instead, it refers to hosting providers that knowingly lease servers and other internet services to cybercriminals while ignoring abuse complaints and law enforcement requests.

These services are often used to host phishing websites, malware distribution, ransomware infrastructure, command-and-control servers, and other malicious operations designed to stay online as long as possible.

Here’s the blog search on bullet proof hosting coverage, which includes other articles and podcast references discussing the topic in more detail.

If you’d like to learn more about bullet proof hosting, Wikipedia provides a general overview of the topic.

According to the indictment, the companies Media Land and ML.Cloud allegedly operated this type of service, giving criminal customers the infrastructure they needed to conduct attacks while attempting to evade disruption by investigators.

Why is this important?

Many cybercriminal groups rely on third-party infrastructure rather than building and maintaining their own. By targeting the organizations that provide these services, law enforcement can affect multiple criminal operations at once instead of focusing on a single ransomware gang or phishing campaign.

Removing or disrupting these services makes it more difficult and more expensive for criminals to continue operating.

The announcement is also another example of international cooperation against cybercrime. In addition to the criminal charges, the U.S. State Department is offering a reward of up to $10 million for information related to the defendants and their alleged activities.

Does this mean cybercrime will slow down or disappear?

Cybercrime is certainly not disappearing overnight, but stories like this demonstrate that investigators continue to pursue not only the attackers themselves, but also the organizations that make those attacks possible.

While no single case will stop cybercrime entirely, every successful disruption raises the cost of doing business for cybercriminals. That makes it harder for them to operate and gives defenders another victory in the ongoing fight against online crime. That’s always good news.

Sources

BleepingComputer: US charges alleged operators of Russian bulletproof hosting service

U.S. Department of Justice: Three Russian Nationals and Two Companies Indicted for International Cybercrimes Resulting in More Than $62M in Victim Losses


Discover more from Jared's Technology podcast network

Subscribe to get the latest posts sent to your email.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.