Law enforcement agencies have successfully dismantled the Lolek bulletproof hosting provider, arresting five individuals and confiscating servers for their alleged facilitation of Netwalker ransomware attacks and other malicious activities. Bulletproof hosting providers, known for ignoring reports of criminal activities, provide a haven for cybercriminals to operate without fear of shutdown.
Lolek, which marketed itself as a “100% privacy hosting” service with a no-log policy, allowed a wide range of activities and accepted PayPal and cryptocurrency payments. This takedown comes as part of a coordinated international effort between Polish and US authorities, aimed at disrupting cybercrime networks.
Europol and the US Department of Justice (DOJ) have shed light on the extent of Lolek’s illicit operations. The Polish Central Cybercrime Bureau, in collaboration with the Regional Prosecutor’s Office in Katowice, seized LolekHosted.net, a bulletproof hosting service used for launching cyber-attacks worldwide. The takedown not only involved arrests but also rendered LolekHosted.net inoperable.
It was revealed that cybercriminals used Lolek to launch DDoS attacks, distribute information-stealing malware, and host command-and-control servers, fake online shops, and spam campaigns. The DOJ further revealed that a Polish national, Artur Karol Grabowski, was charged with facilitating cybercrime by enabling customers to register under fake names, frequently changing server IP addresses, and assisting in the Netwalker ransomware operation, which executed approximately 50 attacks globally.
The successful operation, led by the FBI and IRS and supported by Europol, reflects law enforcement’s ongoing efforts to target bulletproof hosting providers, which play a significant role in malware distribution and cybercrime. The takedown highlights the international collaboration required to combat such criminal activities effectively. As cyber threats continue to evolve, authorities are committed to disrupting the infrastructure that enables cybercriminals to operate with impunity.