Lolek hosting admins arrested, linked to Netwalker ransomware

Carding

Last week, the authorities shut down the bulletproof hosting provider Lolek (lolekhosted[.]net). Police have now arrested five of its administrators and confiscated servers allegedly used in Netwalker ransomware attacks.

Lolek was a well-known bulletproof hosting provider that had been in business since 2009. It is often mentioned in articles about anonymous hosting platforms.

Bulletproof hosting providers tend to turn a blind eye to customer-hosted content and promise to keep their customers anonymous. Companies like these are known to provide IP addresses, servers, and domains to attackers to distribute malware, form botnets, and perform other scams and cyber-attacks.

Lolek was advertised as "100% confidential hosting" with no logs; that is, its creators assured customers that they did not record any activity on their servers and routers that could be used to accuse clients of crimes.

Although the FBI and the IRS did not release any details about the Lolek investigation last week, Europol and the US Department of Justice have now revealed that five administrators of the service have been arrested in Poland and all Lolek servers have been confiscated.

Europol says Lolek was shut down because cybercriminals used its resources to launch DDoS attacks, run spam campaigns, distribute infostealers, and host control servers and fake online stores.

The US Department of Justice, in turn, reports that a Polish citizen named Artur Karol Grabowski is accused of administering Lolek. While it is currently unclear whether Grabowski was one of the hosting administrators arrested in Poland, the DOJ alleges that he facilitated cybercrime by allowing Lolek customers to register under false names, changing server IP addresses frequently, and notifying customers of legal requests concerning them.

In addition, the Department of Justice claims that Grabowski helped the now-defunct Netwalker extortion group, which rented servers from Lolek that were used in more than 50 attacks (for hacking networks, storing stolen data and hacking tools).

Grabowski is currently facing charges of conspiracy to commit computer fraud, conspiracy to commit wire fraud, and international money laundering. If found guilty on all counts, he faces up to 45 years in prison.
 