November 23, 2024
'Bulletproof' hosting site that allegedly enabled 400 ransomware attacks seized, founder indicted
Prosecutors hit Polish national Artur Karol Grabowski with criminal charges over hosting LolekHosted, which allegedly helped criminals deploy ransomware.

FBI Director Christopher Wray testifies before a House Judiciary Committee hearing on “oversight of the Federal Bureau of Investigation” and alleged politicization of law enforcement, on Capitol Hill in Washington, U.S., July 12, 2023.

Jonathan Ernst | Reuters

The mastermind behind a ransomware hosting service that allegedly helped criminals collect more than 5,000 bitcoin in ransom from hundreds of victims was indicted in federal court this week, prosecutors announced Thursday. At current prices, that bitcoin would be worth more than $146 million.

Artur Grabowski’s LolekHosted service operated for about a decade and advertised itself as a haven for “everything but child porn,” according to Florida prosecutors. Clients allegedly used the hosting service to deploy ransomware viruses that infected around 400 networks around the world. Ransomware attacks typically lock and encrypt the data on an organization’s computers so they’re unusable until the victim pays a fee.

Grabowski and his co-conspirators allegedly refused to cooperate with law enforcement requests, protected allegedly criminal actors from takedowns, and profited immensely from the service.

Grabowski was charged with computer fraud, wire fraud, and conspiracy to commit international money laundering.

Grabowski himself is also the subject of a $21.5 million seizure order.

The indictment against the Grabowski was unsealed in Florida court Wednesday. Grabowski remains at large.

Three other unindicted and unnamed co-conspirators were also involved in the alleged scheme, prosecutors said in the charging document.

His “100% privacy hosting” service was seized Tuesday by the IRS’ Criminal Investigation unit and the Federal Bureau of Investigation. Grabowski, a Polish national, faces a maximum sentence of 45 years, if he is ever detained and convicted.

Federal prosecutors have stepped up their efforts to curtail ransomware attacks. Earlier this year, the Justice Department launched a dedicated unit focused on combating cyber national security threats.

A string of ransomware prosecutions have also been unsealed in U.S. courts, although with perpetrators scattered around the world, it’s unclear how many will face time behind bars.

WATCH: Ransomware attacks have surged 20%, CEO says