The Web of Illusion 2004-2007: The Crime-Hosting Empire that Disappeared in Russia's Darkness

The Web of Illusion 2004-2007: The Crime-Hosting Empire that Disappeared in Russia's Darkness

An organization based in St. Petersburg, Russia was established around 2004. Ostensibly a legitimate Internet hosting company, it was in reality an underground infrastructure supporting all manner of illegal activities, including spam, malware, phishing, child pornography, and credit card fraud. Its name was Russian Business Network. Although its life was short, it cast a deep shadow over the world.

The organization's most notorious case is the malware known as the Storm Worm, which spread around the world in 2007. Victims received an email with a provocative subject line, such as "Death by storm in Europe," which, when opened, infected their computers and took control as part of a botnet. Infected terminals were used to send spam and attack servers, quietly eating into systems around the world. The very Russian business network was the hub of this storm worm.

Around the same time, a domain registrar called Estodomains attracted attention. A large number of domains for fraudulent websites and malware distribution sites were acquired there, and the Russian Business Network was also behind it. When this came to light, international condemnation ensued, leading the governing body to finally revoke its license.

As security firms and research institutes gradually exposed its true nature, all official sites and communications were suddenly silenced at the end of the same year. As if in a phantom, they disappeared without a trace. But that was not the end. The organization simply split into several aliases and disguised companies and moved its activities underground.

The man who is said to have been behind the organization's actual operations was a man named Aleksandr Boikov. Based in St. Petersburg, he is said to have operated a legitimate company on the surface, while behind the scenes he managed the network's central hub. He has not been prosecuted in Russia, and his figure remains unknown to this day.

Another important figure is Igor Gusev. Known to the public as the "spam king," he ran a spam network that spread illegal drug ads and other illegal activities. His name is Spamit. Behind his activities was the hosting of a Russian business network. In 2000, his home was searched and he was placed on an international wanted list, but he was never arrested and disappeared from the country.

The damage caused by this organization is enormous. Estimates of the total annual damage worldwide are in the billions of dollars. At one point, it was reported that 60% of all spam mail sent around the world was sent through this organization. Many countries were affected, including the United States, the United Kingdom, Germany, France, Japan, South Korea, and Canada. Targets included government agencies, banks, medical institutions, and mail-order websites. Investigative and investigative agencies also worked, but were unable to get to the heart of the matter due to the non-cooperation of the Russian authorities.

The Russian business network allegedly grew with the tacit approval of the state. Or it was even whispered that there was even collaboration with some security agencies. Its existence has also influenced modern ransomware groups and state-sponsored cyberattacks. The lesson they leave behind is how the line between legal and criminal is blurred in cyberspace.

Disappeared networks, untraceable masterminds, and the shadow of the state. All are intertwined, and the phantoms they left behind are still flickering in the digital abyss.