The UK, US and Australia have announced sanctions against three prolific bulletproof hosting companies and four Russian executives linked to the organizations.
Media Land, ML.Cloud and Aeza Group were named by the UK’s Foreign, Commonwealth and Development Office, alongside Media Land boss, Alexander Volosovik (aka Yalishanda), who is known to have supported ransomware and cybercrime efforts for many years.
The other individuals named in the sanctions were Yulia Pankova, Kirill Zatolokin and Andrei Kozlov. The US also sanctioned UK-registered Hypercore, which is said to be a front for Aeza Group.
Bulletproof hosters are a crucial cog in the cybercrime machine, providing online infrastructure to threat actors that is nominally out of the reach of law enforcement.
The British government claims cyber-attacks cost the economy £14.7bn ($19.2bn) in 2024, amounting to 0.5% of GDP.
Read more on sanctions: US, UK and Australia Sanction Russian Bulletproof Hoster Zservers
Between them, the sanctioned entities are thought to have supported various ransomware and cybercrime outfits including Meduza, Lumma Stealer, BianLian, RedLine, LockBit, Play and BlackSuit.
Aeza Group has been previously sanctioned for providing bulletproof hosting for notorious Russian disinformation outfit Social Design Agency.
The UK’s National Crime Agency (NCA) claimed that Volosovik has been operating since at least 2010, and is associated with cybercrime groups Evil Corp, LockBit and Black Basta.
The coordinated sanctions will see the seizure of property and businesses in the US, UK and Australia, and make it much harder for the entities to transact with the West through legitimate banking channels.
Experts Welcome Action
Wayne Cleghorn, technology, data protection and cybersecurity partner at Excello Law, welcomed the Western allies using their intelligence to root out key elements of the cybercrime supply chain.
“Cybercrime and cyber-espionage are a scourge and a clear and present danger to online safety, e-commerce, intellectual property, cybersecurity and the price of everyday goods and services,” he said.
“Russia is the epicentre of much of the world’s most sophisticated and persistent cyber gangs and cybercrime activities. Efforts to reduce and eliminate these threats create a safer online world.”
NCA National Cyber Crime Unit boss, Paul Foster, said the action would help to dent the reputation of the sanctioned companies for providing digital safe havens for criminals.
“Services like Media Land and Aeza are critical enablers for cybercriminals so sanctions like today’s against Media Land will inhibit their ability to plan, launch and monetize criminal schemes,” he said.
“This action will assist in law enforcement’s pursuit of nullifying the ‘bulletproof’ shield provided by illicit hosting services, helping to degrade the cybercrime ecosystem that nefarious actors depend on.”
The Five Eyes nations also published new guidance yesterday to help ISPs and network defenders to mitigate malicious activity enabled by bulletproof hosters.
