The Office of Foreign Assets Control of the U.S. Department of the Treasury (OFAC) has announced sanctions against the Russian company Aeza Group, which provided bulletproof hosting services for cybercriminals and drug traffickers. This decision is a response to numerous instances of the company’s infrastructure being used to support info stealers, ransomware, and darknet marketplaces.
This is reported by Finway.
Details of the Sanctions Against Aeza Group
In addition to being added to the sanctions list, OFAC has blocked Aeza Group’s cryptocurrency wallet containing crypto assets worth approximately $350,000. According to official information, these funds were used to finance cyber operations aimed at data theft and supporting criminal activities online.
The U.S. Treasury Department stated that Aeza Group actively facilitated the activities of ransomware groups, info stealers (malware designed to steal confidential information), and darknet marketplaces, including Blacksprut, helping them evade detection and blocking by law enforcement agencies.
“Cybercriminals continue to rely on the services of bulletproof hosting providers like Aeza Group to carry out destructive ransomware attacks, steal U.S. technologies, and sell drugs on the black market. We remain resolute in exposing critical nodes, infrastructure, and individuals supporting this criminal ecosystem,” said Acting Assistant Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith.
Blocked Companies and Individuals
Aeza Group, registered in St. Petersburg, provided hosting for a number of criminal organizations, including the operators of the Meduza and Lumma info stealers, who attacked U.S. defense contractors, as well as RedLine data theft panels and the BianLian ransomware. Among the company’s clients is the Russian darknet market Blacksprut, involved in drug trafficking.
Criminals used Aeza Group’s infrastructure to steal personal data, logins, and passwords and to engage in the illegal trade of synthetic drugs, posing a serious threat to U.S. national security.
The sanctions also target the subsidiaries of Aeza Group: Aeza International Ltd. (UK), which provided hackers with IP addresses, as well as the Russian companies Aeza Logistic LLC and Cloud Solutions LLC.
Additionally, sanctions have been imposed against four executives of Aeza Group: Arseniy Penzev (CEO and co-owner, arrested in Russia for hosting Blacksprut), Yuri Bozoyan (CEO and co-owner, also arrested), Vladimir Hast (CTO), and Igor Knyazev (acting manager).
All assets and property interests of the sanctioned individuals and companies located in the U.S. or under the control of U.S. persons are subject to blocking. U.S. citizens are prohibited from engaging in any transactions with these entities.
It is worth noting that last year OFAC imposed sanctions on two citizens of the Russian Federation for spreading disinformation. According to FinCEN, darknet marketplaces are actively used for trading fentanyl and its precursors, posing a serious threat to the U.S.
Furthermore, at the request of the U.S., Indian police arrested Alexey Beschekov, co-founder of the sanctioned Russian exchange Garantex. Analysts from Global Ledger reported the existence of unfrozen Garantex wallets containing crypto assets worth over $15 million.