Pavel Vrublevsky

Early life and education

Vrublevsky was born in Moscow to Oleg and Vera Vrublevsky. In his youth, Vrublevsky worked as a cash courier. At the age of 15, he was an exchange student as part of the American Field Service program in Norway, then studied at the Maurice Thorez Moscow Institute of Foreign Languages, which he left for the Sociology department of Moscow State University, from which he graduated in 2001. Vrublevksy told interviewers from Finance magazine that he was expelled from university for disciplinary reasons.

At 18, he opened his first IT company, which developed billing software for telecom firms.

Chronopay

In 2003 Vrublevsky founded ChronoPay B.V., headquartered in Amsterdam, taking the helm at the Moscow office. In 2005, ChronoPay debuted on the Russian market, and in 2006 was already the recipient of the Runet Prize.

In 2006-7, Vrublevsky, along with music producer Ivan Shapovalov, acquired the mp3search.ru online store, while actively pursuing his own mp3-related business activities. In 2007, Vrublevsky launched the E-Avia project - a payment platform for the tourist market and the airline industry.

At roughly the same time, Vrublevsky became embroiled in a struggle between FAIR and ROMS, two competing entities involved in the collective management of authors' rights. ROMS representatives filed a complaint with the Prosecutor's Office against Vrublevsky and his company ChronoPay, alleging that ChronoPay refused to service online stores selling ROMS-licensed mp3s. This complaint resulted in neither judicial nor criminal action.

Vrublevsky's ChronoPay processes payments for the allofmp3.com online store, which was the subject of persecution from IFPI, the international collective authors' rights management entity and also the subject of grievances the US had with Russia during talks about Russia's membership in the WTO. Allofmp3.com was operating under ROMS license, contributing roughly 50% in licensing fees to this organization.

Some internet sources claim that ChronoPay also processed payments for a range of criminal operations, despite public complaints, including rogue anti-virus operations, illegal online pharmaceuticals sales, and even extortion based on fraudulent copyright claims.

In 2006, Vrublevsky helmed the E-Commerce Committee of the National Association of Participants in Electronic Trade. The committee advocated the maintenance of the existing online collective rights management model, whereas Vrublevsky openly supported FAIR - one of the then-largest rights management entities. He lost that position as well as other official positions in 2010, after Ilya V. Ponomarev, a Duma member and deputy of Russia's Duma’s Hi-Tech Development Subcommittee, publicly accused Vrublevsky of running spam and scareware scams while being part of organizations meant to stop them and called for his removal.

In 2007, after e-tickets arrived in Russia, Vrublevsky began processing electronic airline tickets via E-Via, which he started. ChronoPay E-Avia processed payments for most major airlines with the exception of Aeroflot.

Publishing

In 2012, Vrublevsky proposed to buy Hacker magazine from the GAMELAND publishing house. According to media reports in 2012 Vrublevsky also is gearing up to purchase Russia's oldest business publication, Finansovaya Gazeta (founded 1915), published jointly with the Russian Finance Ministry.

Investments

In 2012 Vrublevsky also created the RNP investment fund as a vehicle for cultivating new online ventures.

Fighting cybercrime

In 2009, Vrublevsky was part of the anti-spam working group of the RF Communications Ministry, started a campaign against Igor Gusev (the world's prime spammer per a Spamhaus ranking) the owner of GlavMed, the largest spam network for Viagra sales. Gusev was Vrublevsky's former business partner and now rival, which may have prompted the activity.

Vrublevsky's role in the anti-spam campaign in Russia and abroad remains controversial despite the fact that his principal opponent, cyber-security expert Brian Krebbs and Igor Gusev, have named him as the campaign's founder. Experts agree that after criminal prosecution of Gusev began and the SpamIt spam program was closed down in 2010, the global volume of spam fell by half.

According to I. Gusev and Brian Krebs, Vrublevsky, operating under the RedEye handle, is the founder of Crutop.nu, a well-known anonymous forum for Russian-speaking web-masters. Vrublevsky has not confirmed this information, although a blog on the forum by RedEye, a handle commonly connected to Vrublevsky, makes frequent reference to events in Vrublevsky's life, while the user RedEye's signature included links to companies owned by Vrublevsky.

At various times he headed up the E-Commerce Committee of the National Association of Participants in Electronic Trade, and the Anti-Spam Commission of the RF Communication Ministry's Internet development working group. Vrublevsky is also a member of the Russian Association for Electronic Communications (RAEC).

In 2011, he was included in Finance magazine's 33 Peppers list of the most successful men under 33.

Criminal prosecution

In 2007, Pavel Vrublevsky first became the object of persecution from a government agency. The Interior Affairs Directorate for Northeastern Moscow conducted a search of an auxiliary office of ChronoPay as part of a case per Article 172 of the RF Criminal Code (illegal banking activity), taking office equipment and the company's safe. Over the next several months, ChronoPay was subjected to raids and searches resulting in the instigation of a criminal case per Article 172. This case would later be closed and re-opened numerous times, partially as a result of complaints by Duma Deputy Ilya Ponomarev.

At the moment, there have been no charges brought against anyone in this case, the fate of which is unknown. A number of online sources have pointed out that this case was connected with the operations of the Fethard electronic payments system, but Vrublevsky himself denies it, despite mentions on blogs An article by a blogger alleges that Vrublevsky owns Fethard jointly with Mikhail Zhilenkov, the husband of Yeltsin's granddaughter. has not confirmed a connection to this system. One of the investigators responsible for prosecuting Vrublevsky, Stanislav Maltsev, went on to be an employee of Vrublevsky's company Chronopay and is representing Vrublesvky in his current trial.

The volume of materials published online in connection with Pavel Vrublevsky, including those classified For Internal Use Only, is sizable. Among these is the official correspondence between high-ranking Interior Ministry employees; letters to Duma deputies, including Ilya Ponomarev, responding to inquiries; case-related correspondence; a confession by Artimovich (one of the hackers) mentioning Vrublevsky; and supporting documentation from the FSB. The provenance of most of the documents has not been ascertained.

Also leaked online were what appeared to be a large number of internal ChronoPay documents that, if genuine, show the large degree of criminal activity undertaken by employees at the company, including rogue anti-virus, illegal online pharmaceutical sales, operating affiliate programs for the same, extortion, DDoS attacks and corruption. The leaked documents also included the ownership structure of ChronoPay, including that a key shareholder was Rove Digital. Rove Digital, another cyber criminal enterprise based in Estonia, was itself closed after being targeted in what the FBI called the "biggest cybercriminal takedown in history."

In the spring of 2011, cyber-security expert Brian Krebs accused Vrublevsky and Alexander Volkov of creating a malicious program aimed at Apple computers, and accused ChronoPay of working with Mac Defender, a rogue security program posing as antivirus software.

On 24 June 2011, The Moscow City Lefortovo Court issued a warrant for the arrest of Pavel Vrublevsky. The arrest took place at the suit of the FSB Investigations Directorate, with support from the RF FSB Information Security Center. Upon returning to Moscow from the Maldives with his family, Vrublevsky was arrested at Sheremetyevo airport. The FSB accused Vrublevsky of commissioning a DDoS attack on Assist, a competing payment processor. ChronoPay and Assist were competing for Aeroflot's business, and as part of that attack on Assist, the Aeroflot e-ticket sales system went down, which caused the airline to leave Assist, albeit for Alfa-Bank. Aeroflot also filed a 194 million ruble lawsuit against VTB-24 bank, which had purchased Assist processing company.

Vrublevsky spent the next six months in pre-trial detention at Lefortovo. During that time he pleaded guilty in an attempt to be granted bail. He was released under the Russian law that says a prisoner cannot be held for more than six month without trial, as his trial had not yet started.

After being released, Vrublevsky was preparing the sale of ChronoPay, which he publicly stated that he hoped would be purchased by a major state bank. Vrublevsky's lawyer maintained that the case was fabricated from beginning to end, and demanded that FSB employees be held liableФСБ. The criminal case was sent back for supplementary investigation for a curious reason: the FSB investigation made a mistake (which was affirmed by the Prosecutor General's Office in the indictment) in the number of the federal law per which Vrublevsky was being charged. Instead of Russian Federal Law 26 (Article 272: illegal access, and Article 273: creating and using a virus) the law cited was Russian Federal Law 28 (a law having to do with the ratification of an agreement between RF and Asian countries to create a joint narcotics elimination center). Subsequently, the charges per Article 273 were removed by Tushinsky Court in view of an expired statute of limitations.

The whys and wherefores of Vrublevsky's persecution were discussed in the press. For instance, an article by Irek Murtazin in Novaya Gazeta stated that, despite being prosecuted by the FSB Information Security Center, Vrublevsky could be an agent or partner of the "K" Directorate of the FSB in illegally funneling money out of the country. Save a number of value judgements, the article did not offer any facts to buttress this claim. Employees of ChronoPay, owned by Vrublevsky, have asserted that his arrest has to do with an attempt at an illegal takeover of the company, although there was no further public corroboration of this. According to documents related to the case leaked online, the botherder accused of actually launching the attack, Igor Artimovich, who also used the handle Engel, launched the attack at Vrublevsky's request. The aforementioned leaked ChronoPay documents also make reference to Engel. Among other things, they include a payment of more than 9,000 US dollars to "Engel" a few days before the attack began.

American journalist and cyber-security expert Brian Krebs stated on his blog that the criminal prosecution of Vrublevsky was in part the result of an ongoing feud between Pavel Vrublevsky and his ex-partner Igor Gusev. Mr. Kreb's articles highlight reports of bribes paid by both men to cause official troubles for one another. Incriminating documents appearing to be stolen from ChronoPay appeared online during this feud, as incriminating information appearing to be from Gusev's spam brokerage project Spammit. Gusev is currently on the run following criminal charges for his spam operations.

In August 2013, Vrublevsky was found guilty and sentenced to two-and-half years in a Russian penal colony. He was paroled on in May 2014.

Personal life

Vrublevsky is married to producer Vera Vrublevskaya with whom he has three children.