:

US INDICTS RUSSIAN 'BULLETPROOF' WEB HOSTS FOR $62M CYBERCRIME SCHEME

SECURITY DESK2 MIN READ
WED, JUL 15, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Federal prosecutors have unsealed a 2024 indictment charging three Russian nationals and two web hosting services with facilitating cyberattacks and money laundering that victimized cybercrime targets of $62 million.

The indictment, filed in US federal court, alleges that the defendants operated "bulletproof" hosting services designed to evade law enforcement detection. These platforms provided infrastructure specifically marketed to cybercriminals seeking anonymity for their operations. The three Russian nationals are accused of knowingly supporting threat actors conducting ransomware attacks, data theft schemes, and other cybercrimes. The web hosting services allegedly maintained servers in multiple jurisdictions to complicate investigation efforts. Bulletproof hosting remains a persistent challenge for cybersecurity authorities. These services typically operate with minimal terms of service enforcement, encrypted customer communications, and rapid takedown resistance. They deliberately cater to criminal clientele and profit directly from cybercriminal activity. The $62 million figure represents confirmed losses traced directly to attacks facilitated through these hosting services. Investigators identified connections between the defendants and multiple ransomware gangs and cybercriminal groups operating across Eastern Europe and beyond. The case reflects broader US efforts to disrupt the infrastructure supporting transnational cybercrime. Federal agencies have intensified prosecutions targeting not just the hackers themselves, but the service providers enabling their operations. Despite the indictment, the defendants remain at large. Extradition from Russia remains unlikely given the country's limited cooperation with US law enforcement on cybercrime matters. The charges carry substantial federal penalties including conspiracy, computer fraud, and money laundering counts. This enforcement action underscores the complex challenge of disrupting cybercriminal ecosystems. While shuttering individual hosting platforms proves possible, defendants frequently relocate services or rebrand operations to continue serving criminal markets. Sustained pressure on infrastructure providers aims to increase operational costs and friction for threat actors.

■ SOURCES

TechCrunch

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

A hacker accessed Suno's source code using stolen employee credentials, revealing that the AI music generator scraped decades of audio from YouTube to train its model.

JUST NOWAI Desk

Criminals can now clone voices with AI in mere seconds, outpacing traditional authentication defenses that banks and financial institutions rely on to prevent fraud.

JUST NOWAI Desk

Five malicious versions of AsyncAPI packages were published to npm, delivering a remote access trojan capable of stealing credentials and sensitive data from developer systems.

JUST NOWDev Desk

Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.

1H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.