The U.S. Division of the Treasury, Australia, and the UK have introduced coordinated sanctions in opposition to Media Land.
This Russia-based bulletproof internet hosting firm offers infrastructure to ransomware and different cybercriminals.
The U.S. Federal Bureau of Investigation additionally coordinated the motion focusing on the corporate’s management workforce and associated entities.
Bulletproof internet hosting suppliers supply specialised servers designed to assist criminals cover their actions and keep away from legislation enforcement.
These companies give ransomware gangs, hackers, and different cybercriminals the infrastructure they should launch assaults in opposition to companies and demanding infrastructure.
Media Land, headquartered in St. Petersburg, Russia, equipped internet hosting companies to main ransomware teams, together with LockBit, BlackSuit, and Play.
The corporate’s infrastructure was additionally used for distributed denial-of-service (DDoS assaults focusing on U.S. corporations and demanding methods. Firm management performed direct roles within the felony operation.
Aleksandr Volosovik, Media Land’s basic director, marketed the corporate’s companies on cybercriminal boards underneath the alias “Yalishanda” and offered servers to ransomware actors.
Kirill Zatolokin, an worker, collected funds from clients and coordinated with different cyber actors. Yulia Pankova assisted Volosovik with authorized issues and monetary administration.
The Treasury additionally designated Hypercore Ltd., a UK-registered firm created by the Aeza Group after it was sanctioned in July 2025. Aeza tried to rebrand and conceal its connections to keep away from sanctions.
Treasury officers designated new corporations and people concerned within the evasion effort, together with administrators Maksim Makarov and Ilya Zakirov. Associated entities in Serbia and Uzbekistan had been additionally focused.
All property and property belonging to the designated people and corporations in the US are actually frozen.
U.S. individuals and companies are prohibited from conducting transactions with these entities. Monetary establishments participating with sanctioned events danger enforcement actions.
The U.S. Treasury emphasised that these coordinated worldwide actions reveal a dedication to stopping ransomware and defending residents from cybercrime.
The Cybersecurity and Infrastructure Safety Company launched extra steerage on defending in opposition to bulletproof internet hosting suppliers.
Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.
