A Russia-based firm offering technical instruments to ransomware gangs and digital drug sellers was sanctioned by the U.S. Treasury Division on Tuesday.
Aeza Group is a bulletproof internet hosting (BPH) providers supplier, the division said, that enables cybercriminals to keep away from legislation enforcement whereas renting IP addresses, servers and domains used for disseminating malware, supporting darknet markets and finishing up different duties associated to fraud and cyberattacks.
Along with focusing on Aeza Group, Treasury officers mentioned they’re sanctioning two affiliated firms and 4 people who’re firm leaders. CEO Arsenii Aleksandrovich Penzev was cited for his function in proudly owning and operating Aeza Group. Penzev has allegedly been concerned in a number of bulletproof internet hosting and illicit drug market companies.
A number of Aeza Group leaders had been arrested in April by Russian authorities on suspicion of main a felony group and involvement in large-scale drug trafficking.
“Cybercriminals proceed to rely closely on BPH service suppliers like Aeza Group to facilitate disruptive ransomware assaults, steal U.S. expertise, and promote black-market medicine,” said Bradley Smith, performing undersecretary of the Treasury for terrorism and monetary intelligence.
Smith added that the sanctions had been issued alongside officers within the U.Ok.’s Nationwide Crime Company and different international locations. The corporate’s web site is at the moment down however it’s registered as a professional enterprise providing cybersecurity, website hosting and IT providers.
“Treasury, in shut coordination with the UK and our different worldwide companions, stays resolved to reveal the essential nodes, infrastructure, and people that underpin this felony ecosystem,” he mentioned.
Aeza Group relies in St. Petersburg and has allegedly supplied internet hosting providers to ransomware gangs like BianLian and the operators behind infostealing malware like RedLine, Lumma and Meduza. The Treasury Division accused Aeza Group of serving to hackers goal U.S. protection firms and expertise companies.
The platform additionally helped BlackSprut, a long-running Russian darknet market used to purchase and promote illicit medicine, the Treasury mentioned.
Cybersecurity researchers have beforehand linked Aeza Group to the pro-Kremlin disinformation marketing campaign generally known as Doppelgänger, which has been energetic in Europe since a minimum of 2022.
The subsidiaries going through sanctions embody U.Ok.-based Aeza International in addition to Aeza Logistic and Cloud Options. Alongside Penzev, basic director Yurii Meruzhanovich Bozoyan, technical director Vladimir Vyacheslavovich Gast and part-owner Igor Anatolyevich Knyazev had been all sanctioned.
Bozoyan was arrested in Russia with Penzev for his function in serving to arrange BlackSprut. Knyazev has been operating the websites whereas Penzev and Bozoyan cope with their fees, based on the Treasury.
Legal infrastructure beneath hearth
The division mentioned the motion is an element of a bigger effort by U.S. legislation enforcement to close down highly effective instruments utilized by organized cybercriminal gangs to perpetrate assaults.
Russia is residence to a number of bulletproof internet hosting suppliers that help in cyberattacks, together with one reportedly used to target a media organization just lately within the nation.
In February, the Treasury Division partnered with officers in Australia and the U.Ok. to sanction another Russian bulletproof hosting service called Zservers in addition to the Russian nationals behind the corporate.
A person suspected of proudly owning a bulletproof internet hosting firm was arrested in Spain final October amid a wider operation focusing on one of many fundamental members of the Evil Corp cybercrime group and a LockBit affiliate.
Lolek Hosted was taken offline by legislation enforcement in 2023 and the U.S. Justice Division sentenced 39-year-old Mihai Ionut Paunescu to a few years in federal jail for his function in serving to run bulletproof internet hosting service PowerHost[.]ro.
Russian nationwide Aleksandr Grichishkin was handed a five-year sentence in 2021 for founding and working a bulletproof internet hosting firm whereas Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, had been each sentenced to more than two years in jail for operating a bulletproof internet hosting group that helped launch assaults towards U.S. targets between 2009 and 2015.
Recorded Future
Intelligence Cloud.
