An indictment was revealed yesterday in Tampa, Florida, charging a Polish national named Artur Karol Grabowski with computer fraud conspiracy, wire fraud conspiracy, and international money laundering. The charges are related to Grabowski’s provision of “bulletproof” webhosting services. These services made it easier for criminals to carry out malicious activities such as ransomware, brute-force attacks, and phishing, and launder the proceeds of their illegal operations.
Grabowski operated a webhosting company called LolekHosted, which provided “bulletproof” webhosting services. He allegedly allowed clients to register accounts using false information, did not keep IP address logs of client servers, frequently changed the IP addresses of client servers, ignored abuse complaints made by third parties against clients, and informed clients of legal inquiries received from law enforcement. Grabowski registered the “LolekHosted.net” domain in 2014 and advertised that its services were “bulletproof,” provided “100% privacy hosting,” and allowed clients to host “everything except child porn.”
NetWalker ransomware is a type of ransomware that was facilitated by LolekHosted. The NetWalker ransomware was deployed on around 400 victim company networks, including municipalities, hospitals, law enforcement and emergency services, school districts, colleges, and universities, which resulted in the payment of more than 5,000 bitcoin in ransoms (currently valued at approximately $146 million). LolekHosted clients used its services to execute around 50 NetWalker ransomware attacks on victims located all over the world, including the Middle District of Florida. Clients used the servers of LolekHosted as intermediaries to gain unauthorized access to victim networks and store hacking tools and data stolen from victims.
On August 8, U.S. authorities seized LolekHosted.net, the domain name that LolekHosted used for nearly a decade. Visitors to LolekHosted.net will now find a seizure banner that notifies them that the domain name has been seized by federal authorities. The U.S. District Court for the Middle District of Florida issued the seizure warrant.
If convicted on all counts, Grabowski could face a maximum sentence of 45 years in prison. The indictment also notifies Grabowski that the United States is seeking an order of forfeiture in the amount of $21.5 million, the proceeds of the charged criminal conduct. Grabowski remains a fugitive.
The announcement was made by Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division and U.S. Attorney Roger B. Handberg for the Middle District of Florida.
The case is being investigated by the FBI Tampa Field Office, with assistance from the IRS Criminal Investigation Cyber Crimes Unit.