ClassPass introduces a corporate wellness program

ClassPass has set up yet another revenue stream, signing partners like Facebook, Glossier, Google, Morgan Stanley, Under Armour, Etsy, Southwest Airlines and Gatorade to a corporate wellness program.

The program will give employees at these companies access to the ClassPass network of more than 22,000 studio partners across 2,500 cities around the world, which includes studio brands like Barry’s Bootcamp, Flywheel Sports and CorePower Yoga. Corporate partners also get access to a “large library” of on-demand audio and video workouts.

This comes after ClassPass retooled the ClassPass Live product, in which it invested the resources to build out a new live broadcast studio, and rebuilt it into a library of on-demand video workouts.

The company launched ClassPass Live in 2018 with the hopes that users could work out from home within the ClassPass ecosystem. CEO Fritz Lanman told TechCrunch in June that the company stopped doing live classes in April 2019 and repackaged the content into free, on-demand video classes.

According to the release, one of the issues with corporate wellness programs is that HR departments have to patch together programs based on the regions in which their companies have offices/employees. ClassPass argues that its scale across the country, and in 17 other countries, gives it an edge with corporations that have global workforces.

Moreover, the ClassPass corporate wellness program only charges employers when employees actually use the service, and allows employers to reward good behaviors (going to a certain number of classes per month) by offering additional credits toward ClassPass experiences.

Here’s what Lanman had to say about it in a prepared statement:

The ClassPass Corporate Program enables employers of all sizes to offer the world’s most extensive, one-stop fitness and wellness program to their employees worldwide. ClassPass is the best fitness program ever created for consumers. With this launch, it’s now also the best fitness program ever created for employers and their employees.

Dust Identity secures $10M Series A to identify objects with diamond dust

The idea behind Dust Identity was originally born in an MIT lab where the founders developed the base technology for uniquely identifying objects using diamond dust. Since then, the startup has been working to create a commercial application for the advanced technology, and today it announced a $10 million Series A round led by Kleiner Perkins, which also led its $2.3 million seed round last year.

Airbus Ventures and Lockheed Martin Ventures, New Science Ventures, Angular Ventures and Castle Island Ventures also participated in the round. Today’s investment brings the total raised to $12.3 million.

The company has an unusual idea of applying a thin layer of diamond dust to an object with the goal of proving that that object has not been tampered with. While using diamond dust may sound expensive, the company told TechCrunch last year at the time of its seed round funding that it uses low-cost industrial diamond waste, rather than the expensive variety you find in jewelry stores.

As CEO and co-founder Ophir Gaathon told TechCrunch last year, “Once the diamonds fall on the surface of a polymer epoxy, and that polymer cures, the diamonds are fixed in their position, fixed in their orientation, and it’s actually the orientation of those diamonds that we developed a technology that allows us to read those angles very quickly.”

Ilya Fushman, who is leading the investment for Kleiner, says the company is offering a unique approach to identity and security for objects. “At a time when there is a growing trust gap between manufacturers and suppliers, Dust Identity’s diamond particle tag provides a better solution for product authentication and supply chain security than existing technologies,” he said in a statement.

The presence of strategic investors Airbus and Lockheed Martin shows that big industrial companies see a need for advanced technology like this in the supply chain. It’s worth noting that the company partnered with enterprise computing giant SAP last year to provide a blockchain interface for physical objects, where they store the Dust Identity identifier on the blockchain. Although the startup has a relationship with SAP, it remains blockchain agnostic, according to a company spokesperson.

While it’s still early days for the company, it has attracted attention from a broad range of investors and intends to use the funding to continue building and expanding the product in the coming year. To this point, it has implemented pilot programs and early deployments across a range of industries, including automotive, luxury goods, cosmetics and oil, gas and utilities.

Southeast Asian cloud communications platform Wavecell acquired by 8×8 in deal worth $125 million

Wavecell, a cloud-communications platform for companies in Southeast Asia, announced today that it has been acquired by 8×8 in a deal worth about $125 million. The acquisition will help San Jose, California-based 8×8 expand in Asia, where Wavecell already has offices in Singapore, Indonesia, the Philippines, Thailand and Hong Kong.

Wavecell’s cloud API platform, which includes SMS, chat, video and voice messaging, is used by companies such as Paidy, Lalamove and Tokopedia. It has relationships with 192 network operators and partners like WhatsApp and claims its infrastructure is used to share more than two billion messages each year.

The terms of the deal include $69 million in cash and about $56 million in 8×8 common shares. Founded in 2010, Wavecell’s investors included Qualgro VC, Wavemaker Partners and MDI Ventures.

In a prepared statement, 8×8 CEO Vik Verma said “8×8 is now the only cloud provider that owns the full, global-scale, cloud-native, technology stack offering voice, video, messaging, and contact center delivered both as pre-packaged applications and as enterprise-class APIs. We’re excited to welcome the Wavecell employees to the 8×8 family. We now have a significant market presence in Asia and expect to continue to expand in the region and globally in order to meet evolving customer requirements.”

AT&T signs $2 billion cloud deal with Microsoft

While AWS leads the cloud infrastructure market by a wide margin, Microsoft isn’t doing too badly, ensconced firmly in second place, the only other company with double-digit share. Today, it announced a big deal with AT&T that encompasses both Azure cloud infrastructure services and Office 365.

A person with knowledge of the contract pegged the combined deal at a tidy $2 billion, a nice feather in Microsoft’s cloud cap. According to a Microsoft blog post announcing the deal, AT&T has a goal to move most of its non-networking workloads to the public cloud by 2024, and Microsoft just got itself a big slice of that pie, surely one that rivals AWS, Google and IBM (which closed the $34 billion Red Hat deal last week) would dearly have loved to get.

As you would expect, Microsoft CEO Satya Nadella spoke of the deal in lofty terms around transformation and innovation. “Together, we will apply the power of Azure and Microsoft 365 to transform the way AT&T’s workforce collaborates and to shape the future of media and communications for people everywhere,” he said in a statement in the blog post announcement.

To that end, they are looking to collaborate on emerging technologies like 5G and believe that by combining Azure with AT&T’s 5G network, the two companies can help customers create new kinds of applications and solutions. As an example cited in the blog post, they could see using the speed of the 5G network combined with Azure AI-powered live voice translation to help first responders communicate instantaneously with someone who speaks a different language.

It’s worth noting that while this deal to bring Office 365 to AT&T’s 250,000 employees is a nice win, that part of the deal falls under the SaaS umbrella, so it won’t help with Microsoft’s cloud infrastructure market share. Still, any way you slice it, this is a big deal.

Party Like a Russian, Carder’s Edition

“It takes a certain kind of man with a certain reputation
To alleviate the cash from a whole entire nation…”

KrebsOnSecurity has seen some creative yet truly bizarre ads for dodgy services in the cybercrime underground, but the following animated advertisement for a popular credit card fraud shop likely takes the cake.

The name of this particular card shop won’t be mentioned here, and its various domain names featured in the video have been pixelated so as not to further promote the online store in question.

But points for knowing your customers, and understanding how to push emotional buttons among a clientele that mostly views America’s financial system as one giant ATM that never seems to run out of cash.

WARNING: Some viewers may find this video disturbing. Also, it is almost certainly Not Safe for Work.

The above commercial is vaguely reminiscent of the slick ads produced for and promoted by convicted Ukrainian credit card fraudster Vladislav “BadB” Horohorin, who was sentenced in 2013 to serve 88 months in prison for his role in the theft of more than $9 million from RBS Worldpay, an Atlanta-based credit card processor. (In February 2017, Horohorin was released and deported from the United States. He now works as a private cybersecurity consultant).

The clip above is loosely based on the 2016 music video, “Party Like a Russian,” produced by British singer-songwriter Robbie Williams.

Tip of the hat to Alex Holden of Hold Security for finding and sharing this video.

Qualtrics’ Julie Larson-Green will talk experience management at TC Sessions: Enterprise

We’re less than two months out from our first TC Sessions: Enterprise event, which is happening in San Francisco on September 5, and did you know our buy-one-get-one-free sale ends today too? Among the many enterprise and startup executives that’ll join us for the event is Qualtrics’ Julie Larson-Green. If that name sounds familiar to you, it’s most likely because you remember her from her 25 years at Microsoft. After a successful career in Redmond, Larson-Green left Microsoft in 2017 to become the chief experience officer at SAP’s Qualtrics.

In that role, she’s perfect for our panel about — you guessed it — experience management.

Larson-Green joined Microsoft as a program manager for Visual C++ back in 1993. After moving up the ladder inside the company, she oversaw the launch of Windows 7 and became the co-lead of Microsoft’s hardware, games, music and entertainment division in 2013. At the time, she was seen as a potential replacement for then-CEO Steve Ballmer.

Later, during a period of reshuffling at the company in the wake of the Nokia acquisition, she became the chief experience officer of Microsoft’s Applications and Services group.

Larson-Green joined Qualtrics before it was acquired by SAP for $8 billion in cash. Qualtrics offers a number of products that range from customer experience tools to brand tracking and ad testing services, as well as employee research products for gathering feedback about managers, for example. At the core of its product is an analytics engine that helps businesses make sense of their employee and customer data, which in turn should help them optimize their customer experience scores and reduce employee attrition rates.


Our buy-one-get-one-free ticket deal ends today! Book a ticket for just $249 and you can bring a buddy for free. Book here before this deal ends.

We’re still selling startup demo tables, and each package comes with four tickets. Learn more here.


Workplace, Facebook’s service for business teams, is raising its prices for the first time since launch

Three years into its life with 2 million paying users signed up, Workplace — Facebook’s platform for businesses and other organizations to build internal communities and communications — is about to make a significant business shift of its own. Come September 2, Workplace is changing its pricing tiers, how it charges its users and the services that it provides customers.

Up to now, Facebook has taken a very simple approach to how it charges for Workplace, unique not just because of it being a paid service (unlike Facebook itself, which is free), but for how it modeled its pricing on the basic building block of Facebook-the-consumer product: a basic version was free, with an enhanced premium edition costing a flat $3 per active user, per month.

In September, that will change. The standard (basic) tier is getting rebranded as Workplace Essential, and will still be free to use. Meanwhile, the premium tier is being renamed Workplace Advanced and getting charged $4 per person, per month. And Facebook is introducing a new tier, Workplace Enterprise, which will be charged at $8 per person, per month, and will come with a new set of services specifically around guaranteed, quicker support and first-look access at new features. (Those who are already customers have the option of being grandfathered for a year, the company said, before switching to a new plan.)


Those are not the only changes. Two other notable shifts are getting introduced with these new tiers. First, these prices will be for all users, regardless of whether they are active in the month.

And second, they are specifically prices for people who access Workplace as general “knowledge workers” — marked by having email addresses and specific job functions. Frontline workers — for example, cashiers or baristas or others mostly on their feet all day helping customers — will be an add-on at $1.50 per person per month, also regardless of whether they are active or not.

For now, the rest of the features in the different tiers are remaining the same.


The changes at Workplace come amid a number of other developments among workforce collaboration and communication platforms.

First and foremost, Slack has gone public, subjecting it and its ups and downs to a lot more public scrutiny, but also putting it on the map as a business of some standing, helping it make a bigger move into brokering more deals with the larger enterprises that Workplace has been winning over. The latter’s customers include the likes of Walmart, the world’s biggest employer; as well as Nestlé, Vodafone, GSK, Telefonica, AstraZeneca and Delta Airlines, and Facebook says there are more than 150 companies signed up with more than 10,000 employees each.

Teams, meanwhile, has now passed Slack in user numbers, and in a way is a more direct competitor: it has positioned itself (like Workplace) as a tool for both knowledge and frontline workers, helping with actual back-office collaboration, as well as a way to broadcast communications to a wider group of employees.

Julien Codorniou, the VP of Workplace, said the changes in pricing tiers were not a reaction to competition, but rather a reaction to customers. Although the pricing for Workplace was an interesting twist on how enterprises tend to procure IT, it turned out to be too novel by half: it turned out that most actually like the predictability of paying the same amount for a service upfront, rather than having the pricing change each month depending on usage.

“Today, customers’ bills change every month, for example when a co-worker goes on vacation or whatever,” he said. “It’s a nightmare for the accounting department, who needs to know how much to pay two years out.”

He added that this doesn’t mean you can’t change how much you pay: you could change the pricing each month if necessary.

So far, no one has made the shift to the new tiers, so it will be interesting to see how and if they have much of an impact. I do know that from retail theory, customers in stores are more likely to select a middle-priced product if they are given an option of something cheap and something expensive at either end, and so this could be an interesting way to drive more users to Workplace’s paid tier.

What is more clear is that this is also a way for Facebook to raise its prices for the first time since the service launched, and lays the groundwork for more differentiation between different kinds of offerings.

ContractPodAi scores $55M for its ‘AI-powered’ contract management software

ContractPodAi, a London-based startup that has developed what it describes as AI-powered contract lifecycle management software, is disclosing $55 million in Series B funding. The round is led by U.S.-based Insight Partners, with participation from earlier backer Eagle Investment.

Founded in 2012, ContractPodAi offers an “end-to-end” solution spanning the three main aspects of contract management: contract generation, contract repository, and third-party review. Its AI offering, which uses IBM’s Watson, claims to streamline the contract management process and reduce the burden on corporate in-house legal teams.

“The legal profession has been historically behind the curve in technology adoption and our objective here is to support the digital transformation of legal departments via our contract management platform,” ContractPodAi co-founder and CEO Sarvarth Misra tells TechCrunch.

“Our business focusses on providing in-house counsel of corporations across the world with an easy to use, out of the box and scalable end to end contract management platform at a fixed fee SaaS licence model”.

With regards to ContractPodAi’s target customer, Misra says its solution is industry agnostic but is typically sold to large international businesses, including FTSE 500 and Fortune 2000 corporations. Customers include Bosch Siemens, Braskem, EDF Energy, Total Petroleum, Benjamin Moore and Freeview.

Armed with new capital, ContractPodAi says it plans to “significantly” scale up its product development, sales, and customer success teams globally. The company already has offices in San Francisco, New York, Glasgow and Mumbai, in addition to its London HQ.

Adds Misra: “We believe that market for contract management solutions is fragmented with providers focussing on one or two aspects of contract management functionality. ContractPodAi’s objective has been to provide one contract management ecosystem which covers all aspects of contract management functionality… This, along with our fixed, transparent pricing and ability to provide full implementation as part of the annual SaaS, differentiates us from the rest of the providers”.

AlphaSense, a search engine for analysis and business intel, raises $50M led by Innovation Endeavors

Google and its flagship search portal opened the door to the possibilities of how to build a business empire on the back of organising and navigating the world’s information, as found on the internet. Now, a startup that’s built a search engine tailored to the needs of enterprises and their own quests for information has raised a round of funding to see if it can do the same for the B2B world.

AlphaSense, which provides a way for companies to quickly amass market intelligence around specific trends, industries and more to help them make business decisions, has closed a $50 million round of funding, a Series B that it’s planning to use to continue enhancing its product and expanding to more verticals.

Today, the company counts some 1,000 clients on its books, with a heavy emphasis on investment banks and related financial services companies. That’s in part because of how the company got its start: Finnish co-founder and CEO Jaakko (Jack) Kokko had been an analyst at Morgan Stanley in a past life and understood the labor and time pain points of doing market research, and decided to build a platform to help shorten a good part of the information gathering process.

“My experience as an analyst on Wall Street showed me just how fragmented information really was,” he said in an interview, citing as one example how complex sites like those of the FDA are not easy to navigate to look for new information and updates — the kind of thing that a computer would be much more adept at monitoring and flagging. “Even with the best tools and services, it still was really hard to manually get the work done, in part because of market volatility and the many factors that cause it. We can now do that with orders of magnitude more efficiency. Firms can now gather information in minutes that would have taken an hour. AlphaSense does the work of the best single analyst, or even a team of them.”

(Indeed, the “alpha” of AlphaSense appears to be a reference to finance: it’s a term that refers to the ability of a trader or portfolio manager to beat the typical market return.)

The lead investor in this round is very notable and says something about the company’s ambitions. It’s Innovation Endeavors, the VC firm backed by Eric Schmidt, who had been the CEO of none other than Google (the pace-setter and pioneer of the search-as-business model) for a decade, and then stayed on as chairman and ultimately board member of Google and then Alphabet (its later holding company) until just last June.

Schmidt presided over Google at what you could argue was its most important time, gaining speed and scale and transitioning from an academic idea into full-fledged, huge public business whose flagship product has now entered the lexicon as a verb and (through search and other services like Android and YouTube) is a mainstay of how the vast majority of the world uses the web today. As such he is good at spotting opportunities and gaps in the market, and while enterprise-based needs will never be as prominent as those of mass-market consumers, they can be just as lucrative.

“Information is the currency of business today, but data is overwhelming and fragmented, making it difficult for business professionals to find the right insights to drive key business decisions,” he said in a statement. “We were impressed by the way AlphaSense solves this with its AI and search technology, allowing businesses to proceed with the confidence that they have the right information driving their strategy.”

This brings the total raised by AlphaSense to $90 million, with other investors in this round including Soros Fund Management LLC and other unnamed existing investors. Previous backers had included Tom Glocer (the former Reuters CEO who himself is working on his own fintech startup, a security firm called BlueVoyant), the MassChallenge incubator, Tribeca Venture Partners and others. Kokko said AlphaSense is not disclosing its valuation at this point. (I’m guessing though that it’s definitely on the up.)

There have been others that have worked to try to tackle the idea of providing more targeted, and business focused search portals, from the likes of Wolfram Alpha (another alpha!) through to Lexis Nexis and others like Bloomberg’s terminals, FactSet, Business Quant and many more.

One interesting aspect of AlphaSense is how it’s both focused on pulling in requests as well as set up to push information to its users based on previous search parameters. Currently these are set up to only provide information, but over time, there is a clear opportunity to build services to let the engines take on some of the actions based on that information, such as adjusting asking prices for sales and other transactions.

“There are all kinds of things we could do,” said Kokko. “This is a massive untapped opportunity. But we’re not taking the human out of the loop, ever. Humans are the right ones to be making final decisions, and we’re just about helping them make those faster.”

Meet the World’s Biggest ‘Bulletproof’ Hoster

For at least the past decade, a computer crook variously known as “Yalishanda,” “Downlow” and “Stas_vl” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today.

Image: Intel471

KrebsOnSecurity began this research after reading a new academic paper on the challenges involved in dismantling or disrupting bulletproof hosting services, which are so called because they can be depended upon to ignore abuse complaints and subpoenas from law enforcement organizations. We’ll get to that paper in a moment, but for now I mention it because it prompted me to check and see if one of the more infamous bulletproof hosters from a decade ago was still in operation.

Sure enough, I found that Yalishanda was actively advertising on cybercrime forums, and that his infrastructure was being used to host hundreds of dodgy sites. Those include a large number of cybercrime forums and stolen credit card shops, ransomware download sites, Magecart-related infrastructure, and a metric boatload of phishing Web sites mimicking dozens of retailers, banks and various government Web site portals.

I first encountered Yalishanda back in 2010, after writing about “Fizot,” the nickname used by another miscreant who helped customers anonymize their cybercrime traffic by routing it through a global network of Microsoft Windows computers infected with a powerful malware strain called TDSS.

After that Fizot story got picked up internationally, KrebsOnSecurity heard from a source who suggested that Yalishanda and Fizot shared some of the same infrastructure.

In particular, the source pointed to a domain that was live at the time called mo0be-world[.]com, which was registered in 2010 to an Aleksandr Volosovyk at the email address stas_vl@mail.ru. Now, normally cybercriminals are not in the habit of using their real names in domain name registration records, particularly domains that are to be used for illegal or nefarious purposes. But for whatever reason, that is exactly what Mr. Volosovyk appears to have done.

WHO IS YALISHANDA?

The one or two domain names registered to Aleksandr Volosovyk and that mail.ru address state that he resides in Vladivostok, which is a major Pacific port city in Russia that is close to the borders with China and North Korea. The nickname Yalishanda means “Alexander” in Mandarin (亚历山大).

Here’s a snippet from one of Yalishanda’s advertisements to a cybercrime forum in 2011, when he was running a bulletproof service under the domain real-hosting[.]biz:

-Based in Asia and Europe.
-It is allowed to host: ordinary sites, doorway pages, satellites, codecs, adware, tds, warez, pharma, spyware, exploits, zeus, IRC, etc.
-Passive SPAM is allowed (you can spam sites that are hosted by us).
-Web spam is allowed (Hrumer, A-Poster ….)

-Forbidden: Any outgoing Email spam, DP, porn, phishing (exclude phishing email, social networks)

There is a server with instant activation under botnets (zeus) and so on. The prices will pleasantly please you! The price depends on the specific content!!!!

Yalishanda would re-brand and market his pricey bulletproof hosting services under a variety of nicknames and cybercrime forums over the years, including one particularly long-lived abuse-friendly project aptly named abushost[.]ru.

In a talk given at the Black Hat security conference in 2017, researchers from Cisco and cyber intelligence firm Intel 471 labeled Yalishanda as one of the “top tier” bulletproof hosting providers worldwide, noting that in just one 90-day period in 2017 his infrastructure was seen hosting sites tied to some of the most advanced malware contagions at the time, including the Dridex and Zeus banking trojans, as well as a slew of ransomware operations.

“Any of the actors that can afford his services are somewhat more sophisticated than say the bottom feeders that make up the majority of the actors in the underground,” said Jason Passwaters, Intel 471’s chief operating officer. “Bulletproof hosting is probably the biggest enabling service that you find in the underground. If there’s any one group operation or actor that touches more cybercriminals, it’s the bulletproof hosters.”

Passwaters told Black Hat attendees that Intel471 wasn’t convinced Alex was Yalishanda’s real name. I circled back with Intel 471 this week to ask about their ongoing research into this individual, and they confided that they knew at the time Yalishanda was in fact Alexander Volosovyk, but simply didn’t want to state his real name in a public setting.

KrebsOnSecurity uncovered strong evidence to support a similar conclusion. In 2010, this author received a massive data dump from a source that had hacked into or otherwise absconded with more than four years of email records from ChronoPay — at the time a major Russian online payment provider whose CEO and co-founders were the chief subjects of my 2014 book, Spam Nation: The Inside Story of Organized Cybercrime.

Querying those records on Yalishanda’s primary email address — stas_vl@mail.ru — reveals that this individual in 2010 sought payment processing services from ChronoPay for a business he was running which sold counterfeit designer watches.

As part of his application for service, the person using that email address forwarded six documents to ChronoPay managers, including business incorporation and banking records for companies he owned in China, as well as a full scan of his Russian passport.

That passport, pictured below, indicates that Yalishanda’s real name is Alexander Alexandrovich Volosovik. The document shows he was born in Ukraine and is approximately 36 years old.

The passport for Alexander Volosovyk, a.k.a. “Yalishanda,” a major operator of bulletproof hosting services.

According to Intel 471, Yalishanda lived in Beijing prior to establishing a residence in Vladivostok (that passport above was issued by the Russian embassy in Beijing). The company says he moved to St. Petersburg, Russia approximately 18 months ago.

His current bulletproof hosting service is called Media Land LLC. This finding is supported by documents maintained by Rusprofile.ru, which states that an Alexander Volosovik is indeed the director of a St. Petersburg company by the same name.

ARMOR-PIERCING BULLETS?

Bulletproof hosting administrators operating from within Russia probably are not going to get taken down or arrested, provided they remain within that country (or perhaps within the confines of the former republics of the Soviet Union, known as the Commonwealth of Independent States).

That’s doubly so for bulletproof operators who are careful to follow the letter of the law in those regions — i.e., setting up official companies that are required to report semi-regularly on various aspects of their business, as Mr. Volosovik clearly has done.

However, occasionally big-time bulletproof hosters from those CIS countries do get disrupted and/or apprehended. On July 11, law enforcement officials in Ukraine announced they’d conducted 29 searches and detained two individuals in connection with a sprawling bulletproof hosting operation.

The press release from the Ukrainian prosecutor general’s office doesn’t name the individuals arrested, but The Associated Press reports that one of them was Mikhail Rytikov, a man U.S. authorities say was a well-known bulletproof hoster who operated under the nickname “AbdAllah.”

Servers allegedly tied to AbdAllah’s bulletproof hosting network. Image: Gp.gov.ua.

In 2015, the U.S. Justice Department named Rytikov as a key infrastructure provider for two Russian hackers, Vladimir Drinkman and Alexandr Kalinin, in a cybercrime spree the government called the largest known data breach at the time.

According to the Justice Department, Drinkman and his co-defendants were responsible for hacks and digital intrusions against NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard.

Whether AbdAllah ever really faces justice for his alleged crimes remains to be seen. Ukraine does not extradite citizens, as the U.S. authorities have requested in this case. And we have seen time and again how major cybercriminals get raided and detained by local and federal authorities there, only to quickly re-emerge and resume operations shortly thereafter, while the prosecution against them goes nowhere.

Some examples of this include several Ukrainian men arrested in 2010 and accused of running an international crime and money laundering syndicate that used a custom version of the Zeus trojan to siphon tens of millions of dollars from hacked small businesses in the U.S. and Europe. To my knowledge, none of the Ukrainian men that formed the core of that operation were ever prosecuted, reportedly because they were connected to influential figures in the Ukrainian government and law enforcement.

Intel 471’s Passwaters said something similar happened in December 2016, when authorities in the U.S., U.K. and Europe dismantled Avalanche, a distributed, cloud-hosting network that was rented out as a bulletproof hosting enterprise for countless malware and phishing attacks.

Prior to that takedown, Passwaters said, an individual using the nickname “Sosweet,” who was connected to another bulletproof hoster that was operating around the same time as Avalanche, somehow got a tip about an impending raid.

“Sosweet was raided in December right before Avalanche was taken down, [and] we know that he was tipped off because of corruption [because] 24 hours later the guy was back in service and has all his stuff back up,” Passwaters said.

The same also appears to be true for several Ukrainian men arrested in 2011 on suspicion of building and disseminating Conficker, a malware strain that infected millions of computers worldwide and prompted an unprecedented global response from the security industry.

So if a majority of bulletproof hosting businesses operate primarily out of countries where the rule of law is not strong and/or where corruption is endemic, is there any hope for disrupting these dodgy businesses?

Here we come full circle to the academic report mentioned briefly at the top of this story: The answer seems to be — like most things related to cybercrime — “maybe,” provided the focus is on attempting to interfere with their ability to profit from such activities.

That paper, titled Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bulletproof Hosting, was authored by researchers at New York University, Delft University of Technology, King Saud University and the Dutch National High-Tech Crimes Unit. Unfortunately, it has not yet been released publicly, and KrebsOnSecurity does not have permission yet to publish it.

The study examined the day-to-day operations of MaxiDed, a bulletproof hosting operation based in The Netherlands that was dismantled last summer after authorities seized its servers. The paper’s core findings suggest that because profit margins for bulletproof hosting (BPH) operations are generally very thin, even tiny disruptions can quickly push these businesses into the red.

“We demonstrate the BPH landscape to have further shifted from agile resellers towards marketplace platforms with an oversupply of resources originating from hundreds of legitimate upstream hosting providers,” the researchers wrote. “We find the BPH provider to have few choke points in the supply chain amenable to intervention, though profit margins are very slim, so even a marginal increase in operating costs might already have repercussions that render the business unsustainable.”