'Bulletproof' LolekHosted Down Following Police OperationNetWalker Ransomware Hackers Used the Polish Web-Hosting Service
U.S. authorities seized a web-hosting company used by ransomware hackers in a joint operation with Polish authorities that resulted in the arrest of five individuals and the indictment of the site's owner.
The site, LolekHosted, now displays a banner showing its seizure by the FBI and the IRS. The indictment says site owner Artur Grabowski knowingly allowed ransomware hackers to host ransomware as part of "bulletproof" web-hosting services launched in 2014.
The indictment, unsealed in Tampa federal court Friday, says two unnamed co-conspirators who were affiliates of the ransomware-as-a-service group NetWalker used LolekHosted for attacks (see: NetWalker Ransomware Affiliate Faces 20 Years in US Prison).
The U.S. Department of Justice said Grabowski faces up to 45 years in prison, if found guilty. Prosecutors are also seeking the forfeiture of $21.5 million. The department said Grabowski remains a fugitive.
Polish authorities on Thursday announced the arrest of five LolekHosted admins. Europol said criminals had used LolekHosting as a launching point for info-stealing malware, DDoS attacks, botnet management, fraudulent online shops and the distribution of spam.
"The suspects marketed privacy as a key feature of this service, using slogans such as, 'You can host anything here!' and 'no-log policy.' Payments were to be made in cryptocurrencies," Europol said.
Two of the Polish detainees will remain in pretrial police custody for at least the next three months. Polish law enforcement said it has confiscated hundreds of servers containing tens of terabytes of data.
Among the features that made LolekHosted attractive to its criminal clientele were frequent changes of the server IP addresses, the ability to register accounts using false information, a disregard for abuse complaints made by third parties, and notification of any legal inquiries from law enforcement.