December 3, 2012

The co-founder and owner of ChronoPay, one of Russia’s largest e-payment providers, is suing Russian security firm Kaspersky Lab, alleging that the latter published defamatory blog posts about him in connection with his ongoing cybercrime trial.

ChronoPay founder Pavel Vrublevsky, at his office in Moscow

Pavel O. Vrublevsky, is on trial in Moscow for allegedly hiring the curator of the Festi spam botnet to attack one of ChronoPay’s rival payment processors. He spent six months in prison last year after admitting to his part in the attack on Assist, a company that processed payments for Russian airline Aeroflot.

The events leading up to that crime are the subject of my Pharma Wars series, which documents an expensive and labyrinthine grudge match between Vrublevsky and the other co-founder of ChronoPay: Igor Gusevthe alleged proprietor of GlavMed and SpamIt, sister organizations that until recently were the largest sources of spam touting rogue Internet pharmacies. For his part, Vrublevsky has been identified as the co-owner of a competing rogue pharmacy program, the now-defunct Rx-Promotion.ย 

Kaspersky blogger Tatyana Nikitina has covered Vrublevsky’s trial, which has been marked by prosecutorial miscues, allegations of official corruption, and the passage of new Russian laws that actually reduce the penalties for some of Vrublevsky’s alleged offenses. In her latest blog post, “The Vrublevsky Case is Ruined,” Nikitina laments yet another regressive milestone in the trial: The dismissal of claims by Aeroflot that it suffered almost $5 million losses as a result of the cyberattack.

Late last month, Vrublevsky’s lawyers fired back, filing a $5 million defamation lawsuit against Kaspersky Lab, charging that its publications contained untrue and defamatory information. In the suit, Vrublevsky argues that Kaspersky is not only trying to discredit him and influence the judicial process, but that Kaspersky is hardly a disinterested party. He noted that Assist was using Kaspersky’s DDoS protection services at the time of the attack, which Assist said took its services offline for a week.

Contacted via Twitter, Eugene Kaspersky, founder of the Russian antivirus firm, declined to comment on the matter, beyond saying that the company’s lawyers were looking forward to reviewing the allegations. An unofficial copy of the claim is available here.

Interestingly, prior to his arrest and incarceration, Vrublevsky briefly pursued similar defamation charges against the author of this blog, in an apparent attempt to silence my reporting on the Pharma Wars. Around that time, hackers who had broken into ChronoPay leaked thousands of internal ChronoPay emails, documents and other materials. Among those were several recorded phone calls between Vrublevsky and a Russian-speaking lawyer he’d hired in Washington, D.C. to draw up legal papers for suing me.

Those conversations, along with dozens of emails between ChronoPay executives and their lawyers, showed that Vrublevsky was prepared to spend quite a bit of money to bring a defamation case against KrebsOnSecurity. Ultimately, Vrublevsky was advised that he may have a slim chance of winning, that the case could drag on for years, and that he and ChronoPay could be vulnerable to having even more of their business dragged into the light of day if the case ever went to trial.


34 thoughts on “Vrublevsky Sues Kaspersky

  1. Nikolay

    I wish he will win that case. Somebody should stop those bold bloggers.

    1. Hans

      Thank goodness God was with, Mr Krebs !

      The KGB will be coming for Pavel soon…

      1. voksalna

        1987 called. It wants its security service back. ๐Ÿ™

        1. voksalna

          Which is to say there is no KGB anymore. Geez who downvotes this?

          1. SeymourB

            It doesn’t help that many if not most employees of the KGB were hired by the FSB.

            As in business, a name change doesn’t help much if the same people are running the show. Worldcom renamed itself (back to) MCI and it didn’t help because the same jerks that got them in trouble in the first place were still in charge.

            1. voksalna

              How does that saying go, “Meet the new boss, same as the old boss?” Only somewhat.

              Maybe similar in some ways, worse in others, better in others, but there ARE differences. Enough English speakers seem to have a problem with knowing geography; it does nobody a service to not correct something like this misconception. This would be like my saying all of your past presidents and politicians (and your political parties) are the same.

              Yes, FSB has a lot of the same people as were KGB, but there are different motivations and different rulers now, and as such there are different rules. FSB can decide where they go on vacation, for starters. ๐Ÿ˜‰

  2. Old School

    “He noted that Assist was using Kasperskyโ€™s DDoS protection services at the time of the attack, which Assist said took its services offline for a week.” @Brian: Is there another story here on the subject of the efficacy of Kaspersky’s DDoS protection services? Secondly, and off topic, based on the photo Mr Vrublevsky should be informed about the dangers of cigaret smoking.

    1. AlwaysAWitness

      For some reason Brian always chooses worst photos of Pavel. Actually its difficult to say why. Some of them even date back to times when Pavel was 40 (!) kgs more than now. He dropped 40 kgs of weight about 7 years ago when he went in for sports.

      Pavel’s photo archive is available at http://www.facebook.com/rnp01
      More than 50 actual photos.

      1. BrianKrebs Post author

        I love it when Pasha comes on this blog under assumed names. When I interviewed him in Moscow, he referred to himself constantly in the third person.

        In answer to your question, I prefer to use pictures I’ve taken than someone else’s, when available.

        1. voksalna

          Forgive me if this is facetious (and I am butting in on your conversation), but do you not do the same thing when you log onto forums under assumed names? Granted you have access to IP logs of posters (whether they are reliable or not is another story), but is this post of yours not a little bit uncouth/presumptuous?

          1. BrianKrebs Post author

            If you had listened to as many hours of Pavel talking as I have (probably more than 100), you would know his manner of speech as well, so no, I don’t think that’s presumptuous.

            1. voksalna

              Weren’t you planning on writing a book? When is this coming out?

            2. voksalna

              That strikes me as a weak (and indeed dangerous) attributional methodology for a journalist, Brian. Anybody reading your own column, for instance, or with any history of interacting with you online could likely imitate your style. It would stand to reason that the same would be true of Mr. Vrublevsky (after all, your own writing indicates he has interacted with a large number of people over the years — and that he has enemies).

              Much as it perturbs me to admit this, I prefer to retain the notion that you took the IP-based approach vis a vis attribution, in order to preserve my respect for your journalistic reputation and integrity.

  3. Uzzi

    .oO(‘Legal practice’ is a bizarre bazar… at least let’s welcome Kaspersky to the club of lesser disinterested parties. 8-))

  4. Just some reader

    You have enemies? Good. That means youโ€™ve stood up for something, sometime in your life. – Winston Churchill

    1. BrianKrebs Post author

      Or, as the inimitable Chris Smither would say, “If nobody hates you, nobody knows you’re alive.”

  5. Andrew

    Fascinating story – I too can’t help but detect a bit of conflict-of-interest with Kaspersky

    And not to stand up for the guy but that’s a pretty positive photo IMO – suit with cufflinks, fresh haircut, confident look and cigarettes are still cool outside the health crowd. Also it’s his right to bring up libel cases against defamation

    The thumbs-down – click to show this message – feature is somewhat annoying because that means I have to enable javascript to see them

    1. voksalna

      I have been thinking this same thing for a long time. Brian makes me use a different browser just to access his blog. ๐Ÿ™

  6. Joe

    Brian continues to document the actions of a convicted criminal, a person whose actions likely has influenced, in a negative way, how we all perceive the internet and its usage.

    The comment field seems to revolve around issues like whether the images show mr. Vrublevsky at his best, or whether he is an innocent lamb being harassed by Kaspersky.

    Right.

    I for one hope that the Russian legal system is strong enough to resist pressure from people with craploads of money. The result if it isn’t is to further solidify Russia as a safe haven for cyber criminals, something none of us wants. And Brian, good work as always.

          1. AlphaCentauri

            In the US, a guilty plea would be considered equivalent to a conviction. There is another plea called “no contest” which means the defendant does not admit guilt but does not wish to fight prosecution — same result as far as punishment, but no admission of guilt.

            1. voksalna

              Slightly off-topic, but related to your comment, AlphaCentauri:

              The American legal process is confounding. The U.S.A. is one of the few countries that will ruin a person’s reputation without a conviction by plastering names and personal details all over the place (especially disturbing given the ramifications of a global internet heaped with a preponderance of people with a penchant for web searching any and everyone).

              The U.S.’s surveillance, investigation, seizure and informant laws are also quite unfortunate. I’m not a convicted criminal (nor have I ever had so much as a criminal charge rendered against me; it bothers me to some degree that this should matter), but even I see a problem with dragging someone’s reputation through the mud with no other recourse, or rifling through and outright *taking* peoples’ property without so much as having to prove anything (look at the seizure laws in the USA; this is how many police forces are now funding their departments.

              Because this blog has so many quotes, I shall remind you of the one that goes something like ‘before pointing out the mote in thy neighbour’s eye, kindly remove the plank from thine own.’

              1. voksalna

                PS: I got a dictionary and am not drunk today. Haha.

Comments are closed.