Pavel Vrublevsky

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Pavel Vrublevsky, (Russian: Павел Олегович Врублевский, Pavel Olegovich Vrublevsky) — Russian businessman, owner, founder and former CEO of ChronoPay credit card processing company, convicted for organizing Denial-of-service attack.

Pavel Vrublevksy
Pavel Vrublevsky
Born Pavel Olegovich Vrublevsky
(1978-29-12) 12 May 1978 (age 35)
Moscow, USSR
Nationality Russian
Known for Founder of Chronopay B.V.

Biography facts[edit]

  • Date of birth: 26 December 1978
  • Place of birth: Moscow, USSR
  • Citizenship: USSR → Russian Federation
  • Father: Oleg Vrublevsky
  • Spouse: Vera Vrublevskaya
  • Children: 3 children


Pavel Vrublevsky was born in Moscow, in 1978. At the age of 15, he was an exchange student as part of the American Field Service program in Norway, then studied at the Maurice Thorez Moscow Institute of Foreign Languages, which he left for the Sociology department of Moscow State University, from which he graduated in 2001. Vrublevksy told interviewers from Finance Magazine that he was expelled from university for disciplinary reasons.[1]

In his youth, Vrublevsky worked as a cash courier.[2] At 18, he opened his first IT company, which developed billing software for telecom firms. In 2003, he founded ChronoPay, headquartered in Amsterdam (Netherlands), taking the helm at the Moscow office.

In 2007, Vrublevsky launched the E-Avia project[3] - a payment platform for the tourist market and the airline industry. At various times he headed up the E-Commerce Committee of the National Association of Participants in Electronic Trade,[4] and the Anti-Spam Commission of the RF Communication Ministry's Internet development working group. Vrublevsky is also a member of the Russian Association for Electronic Communications (RAEC).[5]

Vrublevsky is married to producer Vera Vrublevskaya;[6] they have 3 children. He lives and works in Moscow.[7]

In 2011, he was included in Finance magazine's prestigious 33 Peppers list of the most successful men under 33.[1]

Business activity[edit]


In 2003 Vrublevsky founded ChronoPay B.V.

In 2005, ChronoPay debuted on the Russian market, and in 2006 was already the recipient of the prestigious Runet Prize. In 2006-7, jointly with Ivan Shapovalov, former producer of the famous T.A.T.u. musical duo, Vrublevsky acquired the online store, while actively pursuing his own mp3-related business activities.[8]

At roughly the same time, Vrublevsky became embroiled in a struggle between FAIR and ROMS, two competing entities involved in the collective management of authors' rights. ROMS representatives filed a complaint with the Prosecutor's Office against Vrublevsky and his company ChronoPay, alleging that ChronoPay refused to service online stores selling ROMS[9]-licensed mp3s. This complaint resulted in neither judicial nor criminal action.

What is curious is that it was precisely Vrublevsky's ChronoPay processes payments the infamous online store,[10][11] which was the subject of persecution from IFPI,[12] the international collective authors' rights management entity and also the subject of grievances the US had with Russia during talks about Russia's membership in the WTO.[13] was operating under ROMS license, contributing roughly 50% in licensing fees to this organization.[11]

Some internet sources claims, that ChronoPay also processed payments for a range of criminal operations, despite public complaints, including rogue anti-virus operations.[14] illegal online pharmaceuticals sales,[15] and even extortion based on fraudulent copyright claims.[16]

In 2006, Vrublevsky helmed the E-Commerce Committee of the National Association of Participants in Electronic Trade.[17] The committee advocated the maintenance of the existing online collective rights management model, whereas Vrublevsky openly supported FAIR - one of the then largest rights management entities.[7][18] He lost that position as well as other official positions in 2010, after Ilya V. Ponomarev, a Duma member and deputy of Russia's Duma’s Hi-Tech Development Subcommittee, publicly accused Vrublevsky of running spam and scareware scams while being part of organizations meant to stop them and called for his removal.[19]

In 2007, after e-tickets arrived in Russia, Vrublevsky began processing electronic airline tickets via E-Via, which he started. ChronoPay E-Avia processed payments for most major airlines (Transaero is the largest client) with the exception of Aeroflot.[20]


In 2012, Vrublevsky proposed to buy Hacker magazine from the GAMELAND publishing house.[21] According to media reports in 2012 Vrublevsky also is gearing up to purchase Russia's oldest business publication, Finansovaya Gazeta (founded 1915),[22] published jointly with the Russian Finance Ministry.


In 2012 Vrublevsky also created the RNP investment fund as a vehicle for cultivating new online ventures.[23]

Fighting cybercrime[edit]

In 2009, Vrublevsky, part of the anti-spam working group of the RF Communications Ministry,[24][25] started a campaign against Igor Gusev (the world's prime spammer per a Spamhaus ranking[26]) the owner of Glavmed, the largest spam network for Viagra sales.[27] Gusev was Vrublevsky's former business partner and now rival,[28] which may have prompted the activity.

Vrublevsky's role in the anti-spam campaign in Russia and abroad remains controversial despite the fact that his principal opponent, cyber-security expert Brian Krebbs and Igor Gusev have named him as the campaign's founder.[29][30] Experts agree that after criminal prosecution of Gusev began and the Spamit spam program was closed down in 2010, the global volume of spam fell by half.[31][32]

According to I. Gusev[33] and Brian Krebs,[34] Vrublevsky, operating under the RedEye handle, is the founder of, a well-known anonymous forum for Russian-speaking web-masters.[34] Vrublevsky has not confirmed this information,[35] although a blog on the forum by RedEye, a handle commonly connected to Vrublevsky, makes frequent reference to events in Vrublevsky's life, while the user RedEye's signature included links to companies owned by Vrublevsky.

Criminal prosecution[edit]

In 2007, Pavel Vrublevsky first became the object of persecution from a government agency.[36] The Interior Affairs Directorate for Northeastern Moscow conducted a search of an auxiliary office of ChronoPay as part of a case per Article 172 of the RF Criminal Code (illegal banking activity), taking office equipment and the company's safe. Over the next several months, ChronoPay was subjected to raids and searches resulting in the instigation of a criminal case per Article 172. This case would later be closed and re-opened numerous times, partially as a result of complaints by Duma Deputy Ilya Ponomarev.[25][37]

At the moment, there have been no charges brought against anyone in this case, the fate of which is unknown. A number of online sources have pointed out that this case was connected with the operations of the Fethard electronic payments system, but Vrublevsky himself denies it, despite mentions on blogs[38] An article by a blogger alleges that Vrublevsky owns Fethard jointly with Mikhail Zhilenkov, the husband of Yeltsin's granddaughter. has not confirmed a connection to this system.[39] One of the investigators responsible for prosecuting Vrublevsky, Stanislav Maltsev, went on to be an employee of Vrublevsky's company Chronopay [40] and is representing Vrublesvky in his current trial.[41]

The volume of materials published online in connection with Pavel Vrublevsky, including those classified For Internal Use Only, is sizable. Among these is the official correspondence between high-ranking Interior Ministry employees;[42] letters to Duma deputies, including Ilya Ponomarev, responding to inquiries; case-related correspondence;[43][44] a confession by Artimovich (one of the hackers) mentioning Vrublevsky; and supporting documentation from the FSB. The provenance of most of the documents has not been ascertained.[45]

Also leaked online were what appeared to be a large number of internal ChronoPay documents that, if genuine, show the large degree of criminal activity undertaken by employees at the company, including rogue anti-virus, illegal online pharmaceutical sales, operating affiliate programs for the same, extortion, DDoS attacks and corruption.[46] The leaked documents also included the ownership structure of ChronoPay, including that a key shareholder was Rove Digital.[47] Rove Digital, another cyber criminal enterprise based in Estonia, was itself closed after being targeted in what the FBI called the "biggest cybercriminal takedown in history." [48]

In the spring of 2011, cyber-security expert Brian Krebs accused Vrublevsky and Alexander Volkov of creating a malicious program aimed at Apple computers,[49] and accused ChronoPay of working with Mac Defender, a rogue security program posing as antivirus software.[50][51][52]

On June 24, 2011, The Moscow City Lefortovo Court issued a warrant for the arrest of Pavel Vrublevsky.[53][54] The arrest took place at the suit of the FSB Investigations Directorate, with support from the RF FSB Information Security Center. Upon returning to Moscow from the Maldives with his family, Vrublevsky was arrested at Sheremetyevo airport. The FSB accused Vrublevsky of commissioning a DDoS attack on Assist, a competing payment processor.[55][56][57] ChronoPay and Assist were competing for Aeroflot's business, and as part of that attack on Asstit, the Aeroflot e-ticket sales system went down, which caused the airline to leave Assist, albeit for Alfa-Bank. Aeroflot also filed a 194 million ruble lawsuit against VTB-24 bank, which had purchased Assist processing company.[58]

Vrublevsky spent the next six months in pre-trial detention at Lefortovo. During that time he pled guilty in an attempt to be granted bail.[59][60] He was released under the Russian alw that says a prisoner cannot be held for more than six month without trial, as his trial had not yet started.

After being released, Vrublevsky was preparing the sale of ChronoPay, which he publicly stated that he hoped would be purchased by a major state bank.[23] Vrublevsky's lawyer maintained that the case was fabricated from beginning to end, and demanded that FSB employees be held liableФСБ.[61] The criminal case was sent back for supplementary investigation for a curious reason: the FSB investigation made a mistake (which was affirmed by the Prosecutor General's Office in the indictment) in the number of the federal law per which Vrublevsky was being charged. Instead of Russian Federal Law 26 (Article 272: illegal access, and Article 273: creating and using a virus) the law cited was Russian Federal Law 28 (a law having to do with the ratification of an agreement between RF and Asian countries to create a joint narcotics elimination center).[62][63] Subsequently, the charges per Article 273 were removed by Tushinsky Court in view of an expired statute of limitations.[64]

The whys and wherefores of Vrublevsky's persecution were discussed in the press. For instance, an article by Irek Murtazin in Novaya Gazeta[65] stated that, despite being prosecuted by the FSB Information Security Center, Vrublevsky could be an agent or partner of the "K" Directorate of the FSB in illegally funneling money out of the country. Save a number of value judgements, the article did not offer any facts to buttress this claim. Employees of ChronoPay, owned by Vrublevsky, have asserted that his arrest has to do with an attempt at an illegal takeover of the company,[66] although there was no further public corroboration of this. According to documents related to the case leaked online, the botherder accused of actually launching the attack, Igor Artimovich, who also used the handle Engel, launched the attack at Vrublevsky's request.[67] The aforementioned leaked ChronoPay documents also make reference to Engel. Among othe rthings, they include a payment of more than 9,000 US dollars to "Engel" a few days before the attack began.[68]

American journalist and cyber-security expert Brian Krebs stated on his blog that the criminal prosecution of Vrublevsky was in part the result of an ongoing feud between Pavel Vrublevsky and his ex-partner Igor Gusev. Mr. Kreb's articles highlight reports of bribes paid by both men to cause official troubles for one another.[69][70] Incriminating documents appearing to be stolen from ChronoPay appeared online during this feud, as incriminating information appearing to be from Gusev's spam brokerage project Spammit. Gusev is currently on the run following criminal charges for his spam operations.[71]

In August 2013 Vrublevsky was found guilty and sentenced to two-and-half years in a Russian penal colony.[72]

Interviews and media links[edit]

In Russian[edit]


  1. ^ a b 33 Peppers. Finance magazine № 11 (390) 28.03–03.04.2011
  2. ^ Interview with RedEye > Interview >
  3. ^ ChronoPay запускает новый проект E-Avia. ChronoPay launches E-Avia, a new project. News about search engines, catalogues and online business.
  4. ^ Gutierrez: The largest pirate site continues to operate in Russia | RIA Novosti
  5. ^ Group-IB Presentation. Modern corporate crimes.
  6. ^ Ivan Shapovalov: The present without provocation. | Musecube
  7. ^ a b Pavel Vrublevsky's dossier |
  8. ^ PIRATES AND THE 21st CENTURY. Part 3
  9. ^ ROMS Challenges ChronoPay | MoneyNews
  10. ^ Russia's Brand of iTunes. Time. Tuesday, June 13, 2006
  11. ^ a b Russian mp3s will have their financing blocked - @ASTERA
  12. ^ Internet: Western rights holders want to sue popular Russian mp3 site
  13. ^ halts musical pause («КоммерсантЪ», 28.08.2007) - WTO.RU
  14. ^ [1]
  15. ^ [2]
  16. ^ [3]
  17. ^ VZGLYAD / Russia stuck with MP3>
  18. ^ Ъ-Газета - Internet pirates lose protection
  19. ^ [4]
  20. ^ Electronification of air travel. ChronoPay plans to become e-ticket market leader | comnews
  21. ^ Media for hackers | IT | Moscow news
  22. ^ Raf Shakirov relaunches Finansovaya Gazeta — Marker business newspaper
  23. ^ a b "We were at Lefortovo and understand the harsh realities in which Russian businessmen live"- ChronoPay owner Pavel Vrublevsky - Interview - Finmarket
  24. ^ Russian Anti-Spam Chief Caught Spamming. DailyTech May 19, 2010
  25. ^ a b
  26. ^ Glavmed owner Igor Anatolyevich Gusev births "epic sh*te" — The Moscow Post
  27. ^ Вести.Ru: Largest spammer in the world turns out to be Russian
  28. ^ [5]
  29. ^ Russian Electronic Communications Association reports success in fighting cybercrime!
  30. ^ Pharma Wars: The Price of (in)Justice — Krebs on Security
  31. ^ Spam volume falls after shuts down |
  32. ^ Black Market Pharmacies And The Big Business Of Spam by Tracey Samuelson January 11, 2013
  33. ^ Let's meet: Pavel Olegovich Vrublevsky, aka RedEye
  34. ^ a b Following the Money, Part II — Krebs on Security
  35. ^ ChronoPay CEO PAvel Vrublevsky/ Runetologiya / Podcast on
  36. ^ RedEye: Fethard was not turned over to the government. Miku blog
  37. ^ English Translation of one of complaints in a Brian Krebs blog
  38. ^ [6]
  39. ^ The Moscow Post: RedEye emerges from jail?
  40. ^ [7]
  41. ^ [8]
  42. ^
  43. ^ FSB propaganda: Hacker attacks on Assist happened on the orders of ChronoPay head Pavel Vrublevsky | security information portal
  44. ^ Pavel Vrublevsky (RedEye)
  45. ^ FSB propaganda re DDoS attack on Assist servers published
  46. ^ [9]
  47. ^ [10]
  48. ^ [11]
  49. ^ ChronoPay Fueling Mac Scareware Scams — Krebs on Security
  50. ^ Following the Money: Rogue Anti-virus Software The Washington Post
  51. ^ ChronoPay Fueling Mac Scareware Scams — Krebs on Security
  52. ^ CNews: Fake antivirus Mac Defender inextricably linked to Russians
  53. ^ ChronoPay's Vrublevsky Arrested for Cyber Attack. eSecurity Planet, June 24 2011
  54. ^ ChronoPay CEO arrested on suspicion of organizing a DDoS on Aeroflot's site - | Business
  55. ^ ChronoPay CEO arrested for alleged DDoS attack on rival
  56. ^ Russian online payments company chief arrested. The Financial Times. June 24, 2011
  57. ^ Why Pavel Vrublevsky was arrested |
  58. ^ Financial Mogul Linked to DDoS Attacks — Krebs on Security
  59. ^ ChronoPay owner Vrublevsky pleads guilty in cyber attack case, court extends detention. East-West Digital News / Nov 02, 2011
  60. ^ Vrublevsky: After emerging from pre-trial detention I became much more hard-boiled | Business | Digit. Internet technology magazine. Profoundly about the profound.
  61. ^ VEDOMOSTI - ChronoPay owner's case goes to court
  62. ^ Prosecutor's Office mistakenly charges Vrublevsky with narcotrafficking |
  63. ^ Charge removed from indictments of those accused in Aeroflot DDoS attack. Charge removed from indictments of those accused in Aeroflot DDoS attack. RAPSI News 14/09/2012
  64. ^ M24.RU - Charges in case of attack on Aeroflot's site partially removed - The "Moscow 24" municipal channel
  65. ^ Cybercriminal № 1 Pavel Vrublevsky: Superagent or FSB victim?
  66. ^ News of Vrublevsky's arrest on the Business FM site. 27 June 2011.
  67. ^ [12]
  68. ^ [13]
  69. ^ Pharma Wars: The Price of (in)Justice. B.Krebs. 17.11.11
  70. ^ Pharma Wars: Purchasing Protection. B.Krebs. 30.08.2011.
  71. ^ [14]
  72. ^ [15]

External links[edit]