fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Bulletproof Hosting Admins Sentenced For Helping Cybercrime Gangs

Bulletproof Hosting Admins Sentenced For Helping Cybercrime Gangs

Two Eastern European men were sentenced to prison on Racketeer Influenced Corrupt Organization (RICO) charges for bulletproof hosting services used by multiple cybercrime operations to target US organizations.

They provided cybercrime-affiliated clients with the infrastructure needed to host exploit kits and to run malicious campaigns distributing spam emails and malware for roughly seven years, between 2008 and 2015.

“The group rented IP addresses, servers, and domains to cybercriminal clients who employed this technical infrastructure to disseminate malware used to gain access to victims’ computers, form botnets, and steal banking credentials for use in fraud,” the DOJ said in the sentencing memorandum.

“Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which attacked U.S. companies and financial institutions between 2009 and 2015 and caused or attempted to cause millions of dollars in losses to U.S. victims.”

Also Read: How a Smart Contract Audit Works and Why it is Important

For instance, as revealed in court documents, the Federal Deposit Insurance Corporation (FDIC) said SpyEye and Zeus attacks caused roughly $64 million in damages to banks and their corporate clients in 2011 alone, according to estimations based on reported incidents.

The bulletproof hosting service also helped cybercrime gangs register new infrastructure using stolen or false identities that allowed them to circumvent law enforcement efforts to block their attacks.

A key service provided by the defendants was helping their clients to evade detection by law enforcement and continue their crimes uninterrupted; the defendants did so by monitoring sites used to blocklist technical infrastructure used for crime, moving “flagged” content to new infrastructure, and registering all such infrastructure under false or stolen identities. – DOJ

Bulletproof hosting founders waiting sentencing

The bulletproof hosting service was founded by Russian citizens Aleksandr Grichishkin and Andrei Skvortsov, who were also indicted in the same case.

They hired Estonian Pavel Stassi and Lithuanian Aleksandr Skorodumov, who were sentenced to two and four years in prison, respectively, as the organization’s administrator and system admin.

While Skorodumov and Stassi were responsible for keeping systems running and helping malware and botnet operations optimize their “services,” Skvortsov and Grichishkin oversaw marketing, personnel management, and client support.

All four defendants pleaded guilty to one count of RICO conspiracy in February, March, and May 2021. The bulletproof hosting founders also face a maximum penalty of 20 years in prison.

Also Read: Data Centre Regulations Singapore: Does It Help To Progress?

The FBI investigated the case with assistance from law enforcement partners from the United Kingdom, Germany, and Estonia.

“Cybercrime presents a serious and persistent threat to the United States, and these prosecutions send a clear message that ‘bulletproof hosters’ who purposely aid other cybercriminals are responsible, and will be held accountable, for the harms their criminal clients cause within our borders,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us