Authorities Sanction Russia-Based Bulletproof Hosting Provider for Supporting Ransomware Operations

In a coordinated enforcement action, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC), Australia’s Department of Foreign Affairs and Trade, and the United Kingdom’s Foreign, Commonwealth and Development Office have announced sanctions targeting Media Land, a Russia-based bulletproof hosting (BPH) service provider facilitating ransomware operations and cybercrime activities.

The trilateral sanctions represent an escalation in international efforts to dismantle cybercriminal infrastructure.

OFAC has designated Media Land LLC, headquartered in St. Petersburg, Russia, along with three leadership members and three sister companies.

Additionally, the UK and OFAC are targeting Hypercore Ltd., identified as a front company for Aeza Group LLC another BPH provider previously designated by OFAC in July 2025.

Media Land’s Role in Ransomware Operations

Media Land has provided specialized hosting services to criminal marketplaces and prolific ransomware operators, including LockBit, BlackSuit, and Play.

The infrastructure has also been weaponized in distributed denial-of-service (DDOS) attacks targeting U.S. businesses and critical infrastructure.

Bulletproof hosting providers specialize in offering servers and computer infrastructure designed to evade law enforcement detection and disrupt cybercriminal tracking efforts.

Key designated individuals include Aleksandr Volosovik, Media Land’s general director, who operates under the cybercriminal forum alias “Yalishanda,” and Kirill Zatolokin, an employee responsible for payment collection and coordination with other cyber actors.

Yulia Pankova was designated to assist Volosovik with legal matters and handle his finances.

The action also targets Aeza Group’s attempts to evade sanctions. Following OFAC’s July designation, Aeza leadership initiated a rebranding strategy to obscure connections to the new technical infrastructure.

Hypercore Ltd., a UK-registered company, was established to relocate Aeza’s IP infrastructure and circumvent sanctions.

Designated Aeza leadership includes Maksim Vladimirovich Makarov and Ilya Vladislavovich Zakirov, who orchestrated company restructuring and payment method obfuscation.

Supporting entities Smart Digital Ideas DOO and Datavice MCHJ, located in Serbia and Uzbekistan, respectively, facilitated Aeza’s infrastructure relocation.

Under Executive Order 13694, all designated entities’ U.S. assets are now frozen, and U.S. persons are prohibited from conducting transactions involving these individuals and organizations.

Financial institutions engaging with sanctioned entities face potential enforcement action and secondary sanctions exposure.

The coordinated action underscores international commitment to dismantling ransomware infrastructure and holding cybercriminal enablers accountable.

Find this Story Interesting! Follow us on Google News, LinkedIn and X to Get More Instant Updates

The post Authorities Sanction Russia-Based Bulletproof Hosting Provider for Supporting Ransomware Operations appeared first on Cyber Security News.