Pavel Vrublevsky

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Pavel Vrublevksy
Born Pavel Olegovich Vrublevsky
(1978-12-26) 26 December 1978 (age 38)[citation needed]
Moscow, USSR
Nationality Russian
Alma mater Maurice Thorez Moscow Institute of Foreign Languages
Moscow State University
Occupation Programmer, businessman, entrepreneur
Known for Founder of Chronopay B.V.
Spouse(s) Vera Vrublevsky
Children 3

Pavel Olegovich Vrublevsky (Russian: Павел Олегович Врублевский; born 26 December 1978) is a Russian computer programmer, businessman and entrepreneur. He is the former CEO of ChronoPay credit card processing company, convicted for organizing a denial-of-service attack.

Early life and education[edit]

Vrublevsky was born in Moscow to Oleg and Vera Vrublevsky.[1] In his youth, Vrublevsky worked as a cash courier.[2] At the age of 15, he was an exchange student as part of the American Field Service program in Norway, then studied at the Maurice Thorez Moscow Institute of Foreign Languages, which he left for the Sociology department of Moscow State University, from which he graduated in 2001. Vrublevksy told interviewers from Finance magazine that he was expelled from university for disciplinary reasons.[3]

At 18, he opened his first IT company, which developed billing software for telecom firms.

Business activity[edit]


In 2003 Vrublevsky founded ChronoPay B.V., headquartered in Amsterdam, taking the helm at the Moscow office. In 2005, ChronoPay debuted on the Russian market, and in 2006 was already the recipient of the Runet Prize.

In 2006-7, Vrublevsky, along with music producer Ivan Shapovalov, acquired the online store, while actively pursuing his own mp3-related business activities.[4] In 2007, Vrublevsky launched the E-Avia project[5] - a payment platform for the tourist market and the airline industry.

At roughly the same time, Vrublevsky became embroiled in a struggle between FAIR and ROMS, two competing entities involved in the collective management of authors' rights. ROMS representatives filed a complaint with the Prosecutor's Office against Vrublevsky and his company ChronoPay, alleging that ChronoPay refused to service online stores selling ROMS[6]-licensed mp3s. This complaint resulted in neither judicial nor criminal action.

Vrublevsky's ChronoPay processes payments for the online store,[7][8] which was the subject of persecution from IFPI,[9] the international collective authors' rights management entity and also the subject of grievances the US had with Russia during talks about Russia's membership in the WTO.[10] was operating under ROMS license, contributing roughly 50% in licensing fees to this organization.[8]

Some internet sources claim that ChronoPay also processed payments for a range of criminal operations, despite public complaints, including rogue anti-virus operations,[11] illegal online pharmaceuticals sales,[12] and even extortion based on fraudulent copyright claims.[13]

In 2006, Vrublevsky helmed the E-Commerce Committee of the National Association of Participants in Electronic Trade.[14] The committee advocated the maintenance of the existing online collective rights management model, whereas Vrublevsky openly supported FAIR - one of the then-largest rights management entities.[1][15] He lost that position as well as other official positions in 2010, after Ilya V. Ponomarev, a Duma member and deputy of Russia's Duma’s Hi-Tech Development Subcommittee, publicly accused Vrublevsky of running spam and scareware scams while being part of organizations meant to stop them and called for his removal.[16]

In 2007, after e-tickets arrived in Russia, Vrublevsky began processing electronic airline tickets via E-Via, which he started. ChronoPay E-Avia processed payments for most major airlines with the exception of Aeroflot.[17]


In 2012, Vrublevsky proposed to buy Hacker magazine from the GAMELAND publishing house.[18] According to media reports in 2012 Vrublevsky also is gearing up to purchase Russia's oldest business publication, Finansovaya Gazeta (founded 1915),[19] published jointly with the Russian Finance Ministry.


In 2012 Vrublevsky also created the RNP investment fund as a vehicle for cultivating new online ventures.[20]

Fighting cybercrime[edit]

In 2009, Vrublevsky was part of the anti-spam working group of the RF Communications Ministry,[21][22] started a campaign against Igor Gusev (the world's prime spammer per a Spamhaus ranking[23]) the owner of GlavMed, the largest spam network for Viagra sales.[24] Gusev was Vrublevsky's former business partner and now rival,[25] which may have prompted the activity.

Vrublevsky's role in the anti-spam campaign in Russia and abroad remains controversial despite the fact that his principal opponent, cyber-security expert Brian Krebbs and Igor Gusev, have named him as the campaign's founder.[26][27] Experts agree that after criminal prosecution of Gusev began and the SpamIt spam program was closed down in 2010, the global volume of spam fell by half.[28][29]

According to I. Gusev[30] and Brian Krebs,[31] Vrublevsky, operating under the RedEye handle, is the founder of, a well-known anonymous forum for Russian-speaking web-masters.[31] Vrublevsky has not confirmed this information,[32] although a blog on the forum by RedEye, a handle commonly connected to Vrublevsky, makes frequent reference to events in Vrublevsky's life, while the user RedEye's signature included links to companies owned by Vrublevsky.

At various times he headed up the E-Commerce Committee of the National Association of Participants in Electronic Trade,[33] and the Anti-Spam Commission of the RF Communication Ministry's Internet development working group. Vrublevsky is also a member of the Russian Association for Electronic Communications (RAEC).[34]

In 2011, he was included in Finance magazine's 33 Peppers list of the most successful men under 33.[3]

Criminal prosecution[edit]

In 2007, Pavel Vrublevsky first became the object of persecution from a government agency.[35] The Interior Affairs Directorate for Northeastern Moscow conducted a search of an auxiliary office of ChronoPay as part of a case per Article 172 of the RF Criminal Code (illegal banking activity), taking office equipment and the company's safe. Over the next several months, ChronoPay was subjected to raids and searches resulting in the instigation of a criminal case per Article 172. This case would later be closed and re-opened numerous times, partially as a result of complaints by Duma Deputy Ilya Ponomarev.[22][36]

At the moment, there have been no charges brought against anyone in this case, the fate of which is unknown. A number of online sources have pointed out that this case was connected with the operations of the Fethard electronic payments system, but Vrublevsky himself denies it, despite mentions on blogs[37] An article by a blogger alleges that Vrublevsky owns Fethard jointly with Mikhail Zhilenkov, the husband of Yeltsin's granddaughter. has not confirmed a connection to this system.[38] One of the investigators responsible for prosecuting Vrublevsky, Stanislav Maltsev, went on to be an employee of Vrublevsky's company Chronopay [39] and is representing Vrublesvky in his current trial.[40]

The volume of materials published online in connection with Pavel Vrublevsky, including those classified For Internal Use Only, is sizable. Among these is the official correspondence between high-ranking Interior Ministry employees;[41] letters to Duma deputies, including Ilya Ponomarev, responding to inquiries; case-related correspondence;[42][43] a confession by Artimovich (one of the hackers) mentioning Vrublevsky; and supporting documentation from the FSB. The provenance of most of the documents has not been ascertained.[44]

Also leaked online were what appeared to be a large number of internal ChronoPay documents that, if genuine, show the large degree of criminal activity undertaken by employees at the company, including rogue anti-virus, illegal online pharmaceutical sales, operating affiliate programs for the same, extortion, DDoS attacks and corruption.[45] The leaked documents also included the ownership structure of ChronoPay, including that a key shareholder was Rove Digital.[46] Rove Digital, another cyber criminal enterprise based in Estonia, was itself closed after being targeted in what the FBI called the "biggest cybercriminal takedown in history." [47]

In the spring of 2011, cyber-security expert Brian Krebs accused Vrublevsky and Alexander Volkov of creating a malicious program aimed at Apple computers,[48] and accused ChronoPay of working with Mac Defender, a rogue security program posing as antivirus software.[49][50][51]

On 24 June 2011, The Moscow City Lefortovo Court issued a warrant for the arrest of Pavel Vrublevsky.[52][53] The arrest took place at the suit of the FSB Investigations Directorate, with support from the RF FSB Information Security Center. Upon returning to Moscow from the Maldives with his family, Vrublevsky was arrested at Sheremetyevo airport. The FSB accused Vrublevsky of commissioning a DDoS attack on Assist, a competing payment processor.[54][55][56] ChronoPay and Assist were competing for Aeroflot's business, and as part of that attack on Assist, the Aeroflot e-ticket sales system went down, which caused the airline to leave Assist, albeit for Alfa-Bank. Aeroflot also filed a 194 million ruble lawsuit against VTB-24 bank, which had purchased Assist processing company.[57]

Vrublevsky spent the next six months in pre-trial detention at Lefortovo. During that time he pleaded guilty in an attempt to be granted bail.[58][59] He was released under the Russian law that says a prisoner cannot be held for more than six month without trial, as his trial had not yet started.

After being released, Vrublevsky was preparing the sale of ChronoPay, which he publicly stated that he hoped would be purchased by a major state bank.[20] Vrublevsky's lawyer maintained that the case was fabricated from beginning to end, and demanded that FSB employees be held liableФСБ.[60] The criminal case was sent back for supplementary investigation for a curious reason: the FSB investigation made a mistake (which was affirmed by the Prosecutor General's Office in the indictment) in the number of the federal law per which Vrublevsky was being charged. Instead of Russian Federal Law 26 (Article 272: illegal access, and Article 273: creating and using a virus) the law cited was Russian Federal Law 28 (a law having to do with the ratification of an agreement between RF and Asian countries to create a joint narcotics elimination center).[61][62] Subsequently, the charges per Article 273 were removed by Tushinsky Court in view of an expired statute of limitations.[63]

The whys and wherefores of Vrublevsky's persecution were discussed in the press. For instance, an article by Irek Murtazin in Novaya Gazeta[64] stated that, despite being prosecuted by the FSB Information Security Center, Vrublevsky could be an agent or partner of the "K" Directorate of the FSB in illegally funneling money out of the country. Save a number of value judgements, the article did not offer any facts to buttress this claim. Employees of ChronoPay, owned by Vrublevsky, have asserted that his arrest has to do with an attempt at an illegal takeover of the company,[65] although there was no further public corroboration of this. According to documents related to the case leaked online, the botherder accused of actually launching the attack, Igor Artimovich, who also used the handle Engel, launched the attack at Vrublevsky's request.[66] The aforementioned leaked ChronoPay documents also make reference to Engel. Among other things, they include a payment of more than 9,000 US dollars to "Engel" a few days before the attack began.[67]

American journalist and cyber-security expert Brian Krebs stated on his blog that the criminal prosecution of Vrublevsky was in part the result of an ongoing feud between Pavel Vrublevsky and his ex-partner Igor Gusev. Mr. Kreb's articles highlight reports of bribes paid by both men to cause official troubles for one another.[68][69] Incriminating documents appearing to be stolen from ChronoPay appeared online during this feud, as incriminating information appearing to be from Gusev's spam brokerage project Spammit. Gusev is currently on the run following criminal charges for his spam operations.[70]

In August 2013, Vrublevsky was found guilty and sentenced to two-and-half years in a Russian penal colony.[71] He was paroled on in May 2014.[72]

Personal life[edit]

Vrublevsky is married to producer Vera Vrublevskaya with whom he has three children.[73][74]


  1. ^ a b Pavel Vrublevsky's dossier |
  2. ^ Interview with RedEye > Interview >
  3. ^ a b 33 Peppers. Finance magazine № 11 (390) 28.03–03.04.2011
  4. ^ PIRATES AND THE 21st CENTURY. Part 3
  5. ^ ChronoPay запускает новый проект E-Avia. ChronoPay launches E-Avia, a new project. News about search engines, catalogues and online business.
  6. ^ ROMS Challenges ChronoPay | MoneyNews
  7. ^ Russia's Brand of iTunes. Time. Tuesday, June 13, 2006
  8. ^ a b Russian mp3s will have their financing blocked - @ASTERA
  9. ^ Internet: Western rights holders want to sue popular Russian mp3 site
  10. ^ halts musical pause («КоммерсантЪ», 28.08.2007) - WTO.RU
  11. ^ Follow the money : processing payments from fake-AV scams | McAfee Communities
  12. ^ Who’s Behind the World’s Largest Spam Botnet? — Krebs on Security
  13. ^ ChronoPay’s Scareware Diaries — Krebs on Security
  14. ^ VZGLYAD / Russia stuck with MP3>
  15. ^ Ъ-Газета - Internet pirates lose protection
  16. ^ DailyTech - Russian Anti-Spam Chief Caught Spamming
  17. ^ Electronification of air travel. ChronoPay plans to become e-ticket market leader | comnews
  18. ^ Media for hackers | IT | Moscow news
  19. ^ Raf Shakirov relaunches Finansovaya Gazeta — Marker business newspaper
  20. ^ a b "We were at Lefortovo and understand the harsh realities in which Russian businessmen live"- ChronoPay owner Pavel Vrublevsky - Interview - Finmarket
  21. ^ Russian Anti-Spam Chief Caught Spamming. DailyTech May 19, 2010
  22. ^ a b
  23. ^ Glavmed owner Igor Anatolyevich Gusev births "epic sh*te" — The Moscow Post
  24. ^ Вести.Ru: Largest spammer in the world turns out to be Russian
  25. ^ [1]
  26. ^ Russian Electronic Communications Association reports success in fighting cybercrime! Archived 14 November 2013 at the Wayback Machine.
  27. ^ Pharma Wars: The Price of (in)Justice — Krebs on Security
  28. ^ Spam volume falls after shuts down |
  29. ^ Black Market Pharmacies And The Big Business Of Spam by Tracey Samuelson January 11, 2013
  30. ^ Let's meet: Pavel Olegovich Vrublevsky, aka RedEye
  31. ^ a b Following the Money, Part II — Krebs on Security
  32. ^ ChronoPay CEO PAvel Vrublevsky/ Runetologiya / Podcast on
  33. ^ Gutierrez: The largest pirate site continues to operate in Russia | RIA Novosti
  34. ^ Group-IB Presentation. Modern corporate crimes.
  35. ^ RedEye: Fethard was not turned over to the government. Miku blog
  36. ^ English Translation of one of complaints in a Brian Krebs blog
  37. ^ [2]
  38. ^ The Moscow Post: RedEye emerges from jail?
  39. ^ [3]
  40. ^ [4]
  41. ^
  42. ^ FSB propaganda: Hacker attacks on Assist happened on the orders of ChronoPay head Pavel Vrublevsky | security information portal
  43. ^ Pavel Vrublevsky (RedEye)
  44. ^ FSB propaganda re DDoS attack on Assist servers published
  45. ^ [5]
  46. ^ [6]
  47. ^ [7]
  48. ^ ChronoPay Fueling Mac Scareware Scams — Krebs on Security
  49. ^ Following the Money: Rogue Anti-virus Software The Washington Post
  50. ^ ChronoPay Fueling Mac Scareware Scams — Krebs on Security
  51. ^ CNews: Fake antivirus Mac Defender inextricably linked to Russians
  52. ^ ChronoPay's Vrublevsky Arrested for Cyber Attack. eSecurity Planet, June 24 2011
  53. ^ ChronoPay CEO arrested on suspicion of organizing a DDoS on Aeroflot's site - | Business
  54. ^ ChronoPay CEO arrested for alleged DDoS attack on rival
  55. ^ Russian online payments company chief arrested. The Financial Times. June 24, 2011
  56. ^ Why Pavel Vrublevsky was arrested |
  57. ^ Financial Mogul Linked to DDoS Attacks — Krebs on Security
  58. ^ ChronoPay owner Vrublevsky pleads guilty in cyber attack case, court extends detention. East-West Digital News / Nov 02, 2011
  59. ^ Vrublevsky: After emerging from pre-trial detention I became much more hard-boiled | Business | Digit. Internet technology magazine. Profoundly about the profound.
  60. ^ VEDOMOSTI - ChronoPay owner's case goes to court
  61. ^ Prosecutor's Office mistakenly charges Vrublevsky with narcotrafficking |
  62. ^ Charge removed from indictments of those accused in Aeroflot DDoS attack. Charge removed from indictments of those accused in Aeroflot DDoS attack. RAPSI News 14/09/2012
  63. ^ M24.RU - Charges in case of attack on Aeroflot's site partially removed - The "Moscow 24" municipal channel
  64. ^ Cybercriminal № 1 Pavel Vrublevsky: Superagent or FSB victim?
  65. ^ News of Vrublevsky's arrest on the Business FM site. 27 June 2011.
  66. ^ [8]
  67. ^ [9]
  68. ^ Pharma Wars: The Price of (in)Justice. B.Krebs. 17.11.11
  69. ^ Pharma Wars: Purchasing Protection. B.Krebs. 30.08.2011.
  70. ^ Kramer, Andrew E. (26 October 2010). "E-Mail Spam Falls After Russian Crackdown". 
  71. ^ Krebs, Brian (7 August 2013). "Russian internet payment boss sentenced". 
  72. ^ Gutsul, Diana (27 May 2014). "Convicted in Aeroflot DDoS-attack case released on parole". Retrieved 18 April 2015. 
  73. ^ Иван Шаповалов: о настоящем без провокации (in Russian). 9 March 2012. 
  74. ^ Krebs, Brian (2014). Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door. Sourcebooks, Inc. pp. 58–59. ISBN 1-402-29563-4. 

External links[edit]