US imposes sanctions on Russian hosting provider Aeza Group for supporting cybercrime
The provider provided infrastructure for the BianLian, Meduza, and Lumma groups. The case also involves the company’s British units and three Russians.
The provider provided infrastructure for the BianLian, Meduza, and Lumma groups. The case also involves the company’s British units and three Russians.
As TechRadar reports, the US Treasury Department has announced sanctions against the Russian company Aeza Group and its affiliates for facilitating cyberattacks and extortion. This is the second time in 2024 that the US authorities have punished hosting providers that operate in the bulletproof hosting format. These are hosting companies that deliberately ignore complaints about illegal activities from customers.
According to the investigation, Aeza Group provided the technical infrastructure for at least three well-known cybercrime operations: the BianLian ransomware group, as well as the Meduza and Lumma infostealers. BianLian, according to the investigation, attacked critical US infrastructure and prominent charities, including Save The Children.
Aeza’s affiliated entities in the UK, including Aeza International, were also sanctioned. According to US authorities, Aeza is owned by three Russian citizens: Arseniy Penzev, Yuriy Bozoyan and Igor Knyazev, who control the company in equal shares. The UK’s National Crime Agency (NCA) assisted the US in setting up affiliated companies in the UK.
«We will continue to identify key nodes, infrastructure, and individuals that enable the criminal ecosystem,» said Bradley Smith, Acting Under Secretary of the Treasury for Financial Intelligence.
American companies are now prohibited from doing business with Aeza Group. However, the sanctions are unlikely to have a significant impact on its operations. The vast majority of the hosting company’s clients, according to experts, are located in Russia or neighboring jurisdictions.
In addition to Aeza, US authorities have also taken on the fight against specific cybercrime tools: five domains related to the Lumma Stealer malware, which was used to steal data, were recently removed.
What is Bulletproof hosting (BPH)?
These are hosting providers that deliberately do not respond to complaints about illegal or malicious activity on their servers. They are often used for phishing, virus distribution, botnets, or platforms for cybercriminals.
We previously wrote about how the online video hosting and viewing service from Russia, Rutube, complained about the blocking of its application on Google Play. According to the Russians, Rutube is currently only available in the United States.
US, UK and Australia impose sanctions against Russian cyber group Zservers
US, UK and Australia impose sanctions against Russian cyber group Zservers
US imposes sanctions on Russian virtual financial platforms. $10 million reward offered for information on one of those involved
US imposes sanctions on Russian virtual financial platforms. $10 million reward offered for information on one of those involved
New US sanctions restrict Russian military-industrial complex’s access to Western IT services and chips from China
New US sanctions restrict Russian military-industrial complex’s access to Western IT services and chips from China
Read the country’s main IT news in our Telegram
Read the country’s main IT news in our Telegram
