Administrator of ‘Bulletproof’ Webhosting Domain Charged in Connection with Facilitation of NetWalker Ransomware

U.S. authorities announce court-authorized seizure of LolekHosted.net

August 14, 2023

“An indictment was unsealed yesterday in Tampa, Florida, charging a Polish national with computer fraud conspiracy, wire fraud conspiracy, and international money laundering in connection with the provision of ‘bulletproof’ webhosting services that facilitated the operation of ransomware attacks and the subsequent laundering of the illicit proceeds.”

“According to court documents, Artur Karol Grabowski, 36, operated a webhosting company named LolekHosted. Through LolekHosted, Grabowski provided ‘bulletproof’ webhosting services, which is secure webhosting designed to facilitate malicious and criminal activities, including ransomware, brute-force attacks, and phishing. Grabowski allegedly facilitated the criminal activities of LolekHosted clients by allowing clients to register accounts using false information, not maintaining Internet Protocol (IP) address logs of client servers, frequently changing the IP addresses of client servers, ignoring abuse complaints made by third parties against clients, and notifying clients of legal inquiries received from law enforcement. Grabowski registered the domain ‘LolekHosted.net’ in 2014, and advertised that its services were ‘bulletproof,’ provided ‘100% privacy hosting,’ and allowed clients to host ‘everything except child porn.’”

“The NetWalker ransomware was one of the ransomware variants facilitated by LolekHosted. The NetWalker ransomware was deployed on approximately 400 victim company networks, including municipalities, hospitals, law enforcement and emergency services, school districts, colleges, and universities, which resulted in the payment of more than 5,000 bitcoin in ransoms (currently valued at approximately $146 million). LolekHosted clients used its services to execute approximately 50 NetWalker ransomware attacks on victims located all over the world, including in the Middle District of Florida. Specifically, clients used the servers of LolekHosted as intermediaries when gaining unauthorized access to victim networks, and to store hacking tools and data stolen from victims.”

“On Aug. 8, U.S. authorities seized LolekHosted.net, the domain name LolekHosted used for nearly a decade. Visitors to LolekHosted.net will now find a seizure banner that notifies them that the domain name has been seized by federal authorities. The U.S. District Court for the Middle District of Florida issued the seizure warrant.”

“If convicted on all counts, Grabowski faces a maximum penalty of 45 years in prison. The indictment also notifies Grabowski that the United States is seeking an order of forfeiture in the amount of $21.5 million, the proceeds of the charged criminal conduct. Grabowski remains a fugitive.” (Source: US Department of Justice)
