Authorities Sanctioned Russia-based Bulletproof Hosting Provider for Supporting Ransomware Operations
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
The U.S. Department of the Treasury, Australia, and the United Kingdom have announced coordinated sanctions against Media Land.<\/p>\n
This Russia-based bulletproof<\/a> hosting company provides infrastructure to ransomware and other cybercriminals.<\/p>\n The U.S. Federal Bureau of Investigation also coordinated the action targeting the company\u2019s leadership team and related entities.<\/p>\n Bulletproof hosting providers offer specialized servers designed to help criminals hide their activities and avoid law enforcement.<\/p>\n These services give ransomware gangs, hackers, and other cybercriminals the infrastructure they need to launch attacks against businesses and critical infrastructure.<\/p>\n Media Land, headquartered in St. Petersburg, Russia, supplied hosting services to major ransomware groups, including LockBit, BlackSuit<\/a>, and Play.<\/p>\n The company\u2019s infrastructure was also used for distributed denial-of-service (DDoS attacks<\/a> targeting U.S. companies and critical systems. Company leadership played direct roles in the criminal operation.<\/p>\n Aleksandr Volosovik, Media Land\u2019s general director, advertised the company\u2019s services on cybercriminal forums under the alias \u201cYalishanda\u201d and provided servers to ransomware actors.<\/p>\n Kirill Zatolokin, an employee, collected payments from customers and coordinated with other cyber actors. Yulia Pankova assisted Volosovik with legal matters and financial management.<\/p>\n The Treasury also designated Hypercore Ltd., a UK-registered company created by the Aeza Group after it was sanctioned in July 2025. Aeza attempted to rebrand and hide its connections to avoid sanctions.<\/p>\n Treasury officials<\/a> designated new companies and individuals involved in the evasion effort, including directors Maksim Makarov and Ilya Zakirov. Related entities in Serbia and Uzbekistan were also targeted.<\/p>\n All property and assets belonging to the designated individuals and companies in the United States are now frozen.<\/p>\n U.S. persons and businesses are prohibited from conducting transactions with these entities. Financial institutions engaging with sanctioned parties risk enforcement actions.<\/p>\n The U.S. Treasury emphasized that these coordinated international actions demonstrate a commitment to preventing ransomware and protecting citizens from cybercrime<\/a>.<\/p>\n The Cybersecurity and Infrastructure Security Agency released additional guidance on protecting against bulletproof hosting providers.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Authorities Sanctioned Russia-based Bulletproof Hosting Provider for Supporting Ransomware Operations<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nMedia Land\u2019s Criminal Operations<\/strong><\/h2>\n