US, UK and Australia impose sanctions on ‘bulletproof’ Russian web host used in ransomware attacks

The US, UK and Australian governments have imposed sanctions on a “bulletproof” Russian web hosting company and several associated companies for allegedly using them to launch ransomware attacks against US victims and critical infrastructure.

The US Treasury said in a statement on Wednesday He said Coordinated sanctions were imposed on Russia-based web hosting company Medialand and three related companies. The sanctions also target several of the company’s executives, including its general manager – also known as… Yalichanda – which allegedly provided servers and troubleshooting to cybercriminals.

Officials say criminal hackers relied on Media Land to launch distributed denial-of-service attacks. Ransomware gangs are prolific, incl LockBit, Black suitand He plays They allegedly used it for their infrastructure. The Treasury Department said several of the company’s employees coordinated with cybercriminals.

“Bulletproof” providers are web hosts and cloud companies that typically promote their services as impervious or resilient to law enforcement actions, such as takedowns or legal demands, and as such are commonly used by cybercriminals to host their malicious infrastructure.

US officials said hosting companies like Medialand help provide essential services for cybercriminals to “attack businesses in the United States and allied countries,” although the Treasury Department did not name the victims of the attacks.

The British Foreign Office said it was also designating a UK-based company called Hypercore, which officials said was set up as a front company for Aeza Group, another bulletproof hosting company that was… imposed by the United States in July. United Kingdom said In her own statement That Aza is linked to a Kremlin disinformation organization called Social Design Agency.

Imposing sanctions on companies and individuals involved in cybercrime makes it illegal for citizens, residents, or those with business relationships with the United States, the United Kingdom, and Australia to deal or conduct business with sanctioned persons.

CISA and the National Security Agency Published guidance Wednesday on how organizations can mitigate risks from bulletproof hosting providers.