Nov '23

Administrator of 'Bulletproof' Webhosting Domain Charged in … – Department of Justice

An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Archived News
Para Notícias en Español
An indictment was unsealed yesterday in Tampa, Florida, charging a Polish national with computer fraud conspiracy, wire fraud conspiracy, and international money laundering in connection with the provision of “bulletproof” webhosting services that facilitated the operation of ransomware attacks and the subsequent laundering of the illicit proceeds.
According to court documents, Artur Karol Grabowski, 36, operated a webhosting company named LolekHosted. Through LolekHosted, Grabowski provided “bulletproof” webhosting services, which is secure webhosting designed to facilitate malicious and criminal activities, including ransomware, brute-force attacks, and phishing. Grabowski allegedly facilitated the criminal activities of LolekHosted clients by allowing clients to register accounts using false information, not maintaining Internet Protocol (IP) address logs of client servers, frequently changing the IP addresses of client servers, ignoring abuse complaints made by third parties against clients, and notifying clients of legal inquiries received from law enforcement. Grabowski registered the domain “LolekHosted.net” in 2014, and advertised that its services were “bulletproof,” provided “100% privacy hosting,” and allowed clients to host “everything except child porn.”
The NetWalker ransomware was one of the ransomware variants facilitated by LolekHosted. The NetWalker ransomware was deployed on approximately 400 victim company networks, including municipalities, hospitals, law enforcement and emergency services, school districts, colleges, and universities, which resulted in the payment of more than 5,000 bitcoin in ransoms (currently valued at approximately $146 million). LolekHosted clients used its services to execute approximately 50 NetWalker ransomware attacks on victims located all over the world, including in the Middle District of Florida. Specifically, clients used the servers of LolekHosted as intermediaries when gaining unauthorized access to victim networks, and to store hacking tools and data stolen from victims.
On Aug. 8, U.S. authorities seized LolekHosted.net, the domain name LolekHosted used for nearly a decade. Visitors to LolekHosted.net will now find a seizure banner that notifies them that the domain name has been seized by federal authorities. The U.S. District Court for the Middle District of Florida issued the seizure warrant.
If convicted on all counts, Grabowski faces a maximum penalty of 45 years in prison. The indictment also notifies Grabowski that the United States is seeking an order of forfeiture in the amount of $21.5 million, the proceeds of the charged criminal conduct. Grabowski remains a fugitive.
Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division and U.S. Attorney Roger B. Handberg for the Middle District of Florida made the announcement.
The FBI Tampa Field Office is investigating the case, with assistance from the IRS Criminal Investigation Cyber Crimes Unit.
Trial Attorney Sonia V. Jimenez of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorneys Carlton C. Gammons and Suzanne Nebesky for the Middle District of Florida are prosecuting the case.
Substantial assistance was provided by the Justice Department’s Office of International Affairs and the FBI’s Legal Attaché Office in Warsaw, Poland. Polish authorities also provided substantial assistance.
An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
On Oct. 17, pursuant to a court order issued in the Eastern District of Missouri, the United States seized 17 website domains used by North Korean information technology (IT) workers…
Thank you for the kind introduction. It’s an honor to be with you all, and I am grateful for this opportunity to discuss the important work the Department of Justice’s…
A computer system administrator and his spouse pleaded guilty today to participating in a massive international scheme to make millions of dollars by selling pirated business telephone system software licenses…
Office of Public Affairs
U.S. Department of Justice
950 Pennsylvania Avenue, NW
Washington DC 20530
Office of Public Affairs Direct Line
Department of Justice Main Switchboard
Signup for Email Updates
Social Media
U.S. Department of Justice logo
Have a question about Government Services?




Joker has been buying and selling domains since the late 90's. He has worked with many portfolios and investors over the past decade as well.

Leave a Reply

Your email address will not be published. Required fields are marked *