The cyber security department of the Security Service of Ukraine (SBU), the Prosecutor-General's Office and the State Bureau of Investigation have tracked down an abuse-tolerant hosting service provided by Ukrainian national Mykhaylo Rytikov (Titov).
The acting head of the SBU's cyber security department, Mykola Kuleshov, said at a briefing that this hosting is used for DDoS attacks, distribution of spam and porn.
Rytikov sold his services through closed hacker forums and specialized web resources, claiming that his servers were located in data centres in Lebanon, Iraq, Iran, Germany, Panama, the Netherlands, Belize and Russia. In practice, the hardware was set up in one of the unfinished houses in Odesa. The space was equipped with a secret telecommunications channel and even had its own elevator.
According to the acting head of the SBU, Ivan Bakanov, the Odesa resident controlled 40% of the Russian-language darknet.
One of Rytikov's clients was cybercriminal No 1, the developer of the ZeuS virus, Evgeniy Bogachev, wanted by the FBI.
A criminal investigation into Rytikov's case was launched on 25 January 2019. On 11 July, the investigation files served as grounds for 29 searches involving more than 120 law-enforcement officers. Servers, routers and autonomous systems used to cover illegal activities were seized.
Rytikov and one of his accomplices were detained and declared suspects under Article 361 Part 2 (unauthorized interference in the operation of computer systems) and Article 301 (distribution of pornography). They are under house arrest.
Mikhail Rytikov is one of the "Russian hackers" who compromised 160 million credit card numbers in the USA. In 2018, one of the participants in this attack, Vladimir Drinkman, was sentenced to 144 months in prison for criminal conspiracy to hack computers and commit fraud. Another, Dmitriy Smilianets, was sentenced to 51 months and 21 days in prison. He was released because he had been in custody for the entire required time before the verdict was handed down.
Over seven years, the hackers penetrated the data networks of more than 10 US and international corporations. These include such major operators as NASDAQ, Heartland Payment Systems Inc. and Carrefour SA, as well as the Belgian bank Dexia Bank Belgium. They inflicted losses mounting up to 300m dollars.
They operated using anonymous web hosting services provided by Rytikov.
In the United States, Rytikov was sentenced to 50 years in prison. He is charged with fraud, unauthorized interference, theft of personal data and a number of other crimes under US criminal law.
The FBI has been looking for him for about 10 years and is ready to detain him if he is found on US territory or in a country that can extradite him. Ukraine does not extradite its citizens to other states.