Skip to content

Search the site

Bulletproof host hit with charges in US

A Polish man believed to be behind the LolekHosted bulletproof hosting service has been indicted on multiple charges in the US

A Polish man has been indicted in the US for running a hosting service that protected cybercrime groups.

Attorneys with the Department of Justice (DOJ) say that 36 year old Artur Karol Grabowski could face up to 46 years behind bars on counts of computer fraud conspiracy, wire fraud conspiracy, and money laundering.

The charges stem from allegations that Grabowski was operating the LolekHosted hosting service. Billing itself as a "bulletproof" host, LolekHosted operated as a private hosting service that would allow cybercriminals to operate anonymously.

Such shady hosts are fairly common in underground forums and are one of the primary tools cybercrime groups use to run their schemes without fear of being tracked by law enforcement.

LolekHosted, however, was said to be a more popular service and was used for everything from Phishing schemes to ransomware attacks. The only rule on the service, it is said, was not to host or distribute child abuse images.

LolekHosted would then allegedly help the criminals cover their tracks by registering their accounts with false information, hiding IP addresses, and frequently changing IP addresses.

In particular, Grabowski's company was alleged to have been a prolific host for attacks using the Netwalker ransomware, helping criminals to run around 50 different instances. Netwalker has been a popular ransomware infection for years, having extorted millions of dollars from victims.

"The NetWalker ransomware was deployed on approximately 400 victim company networks, including municipalities, hospitals, law enforcement and emergency services, school districts, colleges, and universities, which resulted in the payment of more than 5,000 bitcoin in ransoms (currently valued at approximately $146 million)," DOJ said in announcing the indictment.

"LolekHosted clients used its services to execute approximately 50 NetWalker ransomware attacks on victims located all over the world."

At least one of the victims was within the Central District of Florida, where the case is to be tried by both the district US attorney and lawyers from the DOJ's Computer Crime and Intellectual Property office.

Grabowski has not yet been arrested, according to the DOJ. It is not known if he would be charged in Poland prior to extradition to the US to face charges. In addition to the possibility of decades behind bars, Grabowski would be subject to a $21.5m forfeiture order.

The LolekHosted service itself, meanwhile, was taken offline by US and Polish law enforcement earlier this week. Those who visit the service's homepage will now be greeted with an FBI seizure notice.