Jessie A Ellis
Nov 21, 2025 08:57
In a coordinated effort, the U.S., U.K., and Australia have sanctioned Russian bulletproof hosting providers involved in ransomware and cybercrime activities.
The United States, United Kingdom, and Australia have jointly sanctioned Russian bulletproof hosting providers, targeting cybercriminal infrastructure that supports ransomware attacks, according to Chainalysis. The coordinated action by the Office of Foreign Assets Control (OFAC) and its international counterparts focuses on Media Land, LLC, and its network, which allegedly facilitates malicious cyber operations globally.
Bulletproof Hosting and Cybercrime
Bulletproof hosting providers offer services that allow cybercriminals to operate with impunity by ignoring abuse reports and hosting malicious content. These services are crucial for executing ransomware attacks, phishing campaigns, and other cybercrimes. Media Land’s network, which includes entities like Media Land Technology LLC and Data Center Kirishi LLC, exemplifies how such operations thrive on a distributed structure across multiple jurisdictions to evade regulatory oversight.
Link to AEZA Group
OFAC’s recent sanctions build on previous actions against AEZA Group, another bulletproof hosting provider, designated in July 2025. The expanded sanctions now include individuals like Maksim Makarov and Ilya Zakirov, linked to AEZA Group, who are believed to be instrumental in maintaining these networks.
Cryptocurrency Connections
OFAC’s designation also involves a Bitcoin address associated with Aleksandr Volosovik, a key figure in the cybercrime network. Volosovik’s services allegedly supported a wide range of illegal activities, from underground exchanges to ransomware operations, including those run by sanctioned LockBit administrator Dmitry Khoroshev.
International Coordination
This trilateral effort highlights the importance of international cooperation in tackling cybercrime infrastructure. The sanctions carry secondary risks under the Ukraine-/Russia-Related Sanctions Regulations, potentially impacting non-U.S. entities engaging with the designated parties. This approach aims to disrupt the infrastructure layer enabling cybercrime, increasing operational risks for threat actors.
Drug Trafficking Network
In a separate but related action, OFAC sanctioned Ryan James Wedding, a former Canadian Olympic snowboarder, for his involvement in a global drug trafficking ring. Wedding allegedly trafficked cocaine from Mexico and Colombia to North America and is linked to extreme violence across the region. His operations reportedly used stablecoins for laundering, with Tether freezing related wallets in July.
Implications for Cryptocurrency Compliance
Cryptocurrency businesses are advised to enhance screening for transactions involving the newly designated individuals and entities. This includes monitoring connections to bulletproof hosting providers and implementing due diligence for high-risk customers. Enhanced compliance measures are crucial for mitigating sanctions risks and aligning with international regulatory standards.
Image source: Shutterstock
Source: https://blockchain.news/news/us-uk-australia-sanctions-russian-cybercrime-networks
