Us, Uk, And Australia Sanction Russian ‘bulletproof’ Web Host Used In Ransomware Attacks

The governments of nan United States, United Kingdom, and Australia person sanctioned a Russian “bulletproof” web hosting institution and respective of its related firms for allegedly being utilized to motorboat ransomware attacks against U.S. victims and captious infrastructure. 

In a connection Wednesday, nan U.S. Treasury said it imposed coordinated sanctions connected nan Russia-based web big Media Land and 3 related companies. The sanctions besides target respective of nan company’s executives, including its wide head — besides known arsenic Yalishanda — who allegedly provided servers and troubleshooting to cybercriminals.

Officials opportunity criminal hackers relied connected Media Land to motorboat distributed denial-of-service attacks. Prolific ransomware gangs, including LockBit, BlackSuit, and Play allegedly utilized it for their infrastructure. The Treasury said respective of nan company’s labor coordinated pinch cybercriminals.

“Bulletproof” providers are web hosts and unreality companies that typically tout their services arsenic impervious aliases resilient to rule enforcement actions, specified arsenic takedowns aliases ineligible demands, and arsenic specified are commonly utilized by cybercriminals to big their malicious infrastructure. 

U.S. officials said hosting companies for illustration Media Land thief supply cybercriminals basal services for “attacking businesses successful nan United States and successful allied countries,” though Treasury did not sanction nan victims of nan attacks.

The U.K.’s Foreign Office said it was besides designating a U.K.-based institution called Hypercore, which officials said was group up arsenic a beforehand institution for Aeza Group, different bulletproof hosting institution that was sanctioned by nan U.S. successful July. The U.K. said in its ain statement that Aeza is linked to a Kremlin disinformation statement called nan Social Design Agency.

Sanctioning nan companies and individuals progressive successful cybercrime efficaciously makes it forbidden for citizens, residents, aliases those pinch business ties to nan U.S., U.K., and Australia from transacting aliases conducting business pinch those sanctioned.

U.S. cybersecurity agency CISA and nan National Security Agency published guidance Wednesday connected really organizations tin mitigate nan risks from bulletproof hosting providers.